Deleted
Deleted Member
Join Date: Apr 19, 2024 23:51:17 GMT
Posts: 0
Likes:
Last Online: Apr 19, 2024 23:51:17 GMT
|
Post by Deleted on Apr 6, 2019 17:08:15 GMT
Bob, that doesn't compute. First, if you look at the pictures I posted above you will see the login-in page and it says "Not Secure," for the very reason that it is NOT a good idea to enter sensitive info there. As for the explanation that the forums don't require HTTPS, that's quite a stretch. The "s" stands for encrypted meaning all you write is scrambled. If not, everything you write on the Forums can be intercepted by hackers in plain english and every message you send a member can be seen by the Web Master and probably some admins. How important is it? Important enough that 79% of websites use HTTPS now. Not trying to be difficult, just reporting the facts so that all members are aware. Has anyone else noticed you are getting logged out more often and have to log back in?
|
|
Uncle Bob
Administrator
Retired admin at avrillavigne.com
I hope someday to be the man my dog thinks I am.
Join Date: Mar 13, 2015 23:28:50 GMT
Posts: 2,530
Likes: 5,839
Last Online: Apr 19, 2024 23:13:17 GMT
|
Post by Uncle Bob on Apr 6, 2019 18:38:10 GMT
I've tested the login page with Chrome, Opera, Chromium, Brave, Firefox and Edge Browsers on a Windows 10 machine. Then, I tested the login page with Chrome, Opera, Chromium, Brave, and Firefox on a machine running Linux Mint. All secure. Don't know what to tell you about Apple. I never have and never will own an Apple device, unless someone offers to pay me to accept it.
It's "a stretch" to expect any kind of real privacy anywhere on the internet. Especially on a public forum that anyone can join. No hacking necessary. BA staff members can see a little more than the registered members and the public. But, not much. We do not have access to your PMs or your login info.
Yes. Up the chain, there are ProBoards admins that have access to the databases that contain this info. Please don't be insulted when I say that nobody that has that kind of access could ever actually give a care whatever you might say on this site. Nobody here is that interesting.
|
|
Deleted
Deleted Member
Join Date: Apr 19, 2024 23:51:17 GMT
Posts: 0
Likes:
Last Online: Apr 19, 2024 23:51:17 GMT
|
Post by Deleted on Apr 6, 2019 20:04:28 GMT
Bob, you're kinda missing the point. This isn't about whether someone here can see what someone else is posting. It's about the entire site not being secure as it should be and therefore leaving more of a chance that a member could get hacked and have harm done to OTHER accounts they have that has nothing to do with BA. The reason you aren't seeing the problem on your Dinosaurous Rex ( ) web browser is that only Apple Safari at this time flags unsecure sites right in the address bar. Quote below: According to Google's HTTPS encryption transparency report, 73 percent of pages loaded in the US using HTTPS in Chrome on Windows, up from 59 percent a year ago. The web is getting more secure, according to Google.Oct 23, 2017 Google: This surge in Chrome HTTPS traffic shows how much safer ... www.zdnet.com/article/google-this-surge-in-chrome-https-traffic-shows-how-much-safer-you-now-are-online/
|
|
Uncle Bob
Administrator
Retired admin at avrillavigne.com
I hope someday to be the man my dog thinks I am.
Join Date: Mar 13, 2015 23:28:50 GMT
Posts: 2,530
Likes: 5,839
Last Online: Apr 19, 2024 23:13:17 GMT
|
Post by Uncle Bob on Apr 6, 2019 20:17:33 GMT
Bob, you're kinda missing the point. I've missed nothing. Your opinion does not change any facts.
|
|
Deleted
Deleted Member
Join Date: Apr 19, 2024 23:51:17 GMT
Posts: 0
Likes:
Last Online: Apr 19, 2024 23:51:17 GMT
|
Post by Deleted on Apr 6, 2019 20:26:15 GMT
I agree the log in page is HTTPS which is good but everywhere else is not. That’s a fact, not an opinion. Like I said, don’t shoot the messenger. They save a little money not going to full security but trust me, they will. And to clarify something you said earlier about “privacy,” I never used that word. I said security, which in fact people can and should expect online. That is what is driving all the e commerce and online banking.
|
|
BogoGog24
Administrator
I'm off again in my world...
Join Date: Mar 14, 2015 12:38:58 GMT
Posts: 14,687
Likes: 39,028
Last Online: Apr 19, 2024 17:54:07 GMT
|
Post by BogoGog24 on Apr 6, 2019 20:44:09 GMT
I mean I've been using this site for years and if this has always been a problem, it doesn't seem me or anyone else has had an issue concerning hacking or anything else. So for what it's worth, we're probably all fine. I don't think most people would bother coming into a small Avril Lavigne fansite to try to obtain information. Hackers would probably more likely try to get into your Amazon account or something with money attached to it. I've had people hack into my Kohl's account and order a bunch of stuff and people try to leech off my Hulu account. Stuff like that. They won't get anything out of hacking into a fansite account and this site is so obscure I doubt they'd really think to look here.
|
|
Uncle Bob
Administrator
Retired admin at avrillavigne.com
I hope someday to be the man my dog thinks I am.
Join Date: Mar 13, 2015 23:28:50 GMT
Posts: 2,530
Likes: 5,839
Last Online: Apr 19, 2024 23:13:17 GMT
|
Post by Uncle Bob on Apr 6, 2019 20:47:45 GMT
I agree the log in page is HTTPS which is good but everywhere else is not. That’s a fact Finally we agree. We have HTTPS where we need it. We don't need it "everywhere else" because that is totally open to the public. It's foolish to expend resources protecting nothing. We have Fort Knox to protect the gold. We don't need Fort Knox to protect the aluminum.
|
|
Deleted
Deleted Member
Join Date: Apr 19, 2024 23:51:17 GMT
Posts: 0
Likes:
Last Online: Apr 19, 2024 23:51:17 GMT
|
Post by Deleted on Apr 6, 2019 21:23:26 GMT
Yeah, I agree that we are probably as “safe” here as any other fan site. This got my attention when out of nowhere I was being asked to log in every time I came back, which is suspicious as logging in is the Holy grail of exposure to hacks. And of course let’s not forget the tidbit that was reported here years ago that “Avril Lavigne” was the number one search term that had the greatest chance to lead you to a bogus site out to hack you.
So I rest my case. Thanks all for the imput and research and let’s carry on......back to the no news era we are in. Haha 🤣
|
|
birdie2020
Member
Join Date: Feb 17, 2019 20:43:58 GMT
Posts: 2,782
Likes: 3,459
Last Online: Apr 18, 2020 21:41:08 GMT
|
Post by birdie2020 on Apr 6, 2019 22:07:37 GMT
I will say this about it, yes the log in page seems secure and so is the proboards page when you change your password. I agree that we probably aren't going to get info hacked, I mean my whole real name isn't entered anywhere on this site when I registered. I was thinking in terms more of viruses etc. since that was what killed BA 1.0. Just thinking that I would hate to see that happen again. Understand that it's public access to what we are saying here as I can read it without signing in.
|
|
Uncle Bob
Administrator
Retired admin at avrillavigne.com
I hope someday to be the man my dog thinks I am.
Join Date: Mar 13, 2015 23:28:50 GMT
Posts: 2,530
Likes: 5,839
Last Online: Apr 19, 2024 23:13:17 GMT
|
Post by Uncle Bob on Apr 6, 2019 22:42:10 GMT
Just to be clear about what happened to the original bandaids site. There were never any viruses on that site. Some people got infected by clicking on links that took them away from bandaids. These links were allowed to be posted by a bot that was able to create an admin account on about 5000 sites that were using the same forum software. All of those sites, including bandaids, failed to delete an installation folder that allowed the attack. If the instructions had been followed, the site would not have been vulnerable. oops. The site was accidentally crashed for good when the installation of an upgrade to the forum software stalled. That upgrade would have solved all the problems. However, nobody on the staff had the expertise (or perhaps the time) needed to recover from that upgrade failure.
If anyone is having to log in on every visit, that is usually a function of your cookie settings. If your cookies are cleared every time you close your browser, you will have to log in every time you visit this site. This can happen when settings are manually changed in the OS or when software like CCleaner is installed.
|
|
Deleted
Deleted Member
Join Date: Apr 19, 2024 23:51:17 GMT
Posts: 0
Likes:
Last Online: Apr 19, 2024 23:51:17 GMT
|
Post by Deleted on Apr 6, 2019 22:43:33 GMT
Good info. Another reason why 🍏 is so much superior to everything else. No comparison. Hands down. Numero uno.
😉
|
|
Uncle Bob
Administrator
Retired admin at avrillavigne.com
I hope someday to be the man my dog thinks I am.
Join Date: Mar 13, 2015 23:28:50 GMT
Posts: 2,530
Likes: 5,839
Last Online: Apr 19, 2024 23:13:17 GMT
|
Post by Uncle Bob on Apr 6, 2019 23:09:12 GMT
Good info. Another reason why 🍏 is so much superior to everything else. No comparison. Hands down. Numero uno. 😉 I think your last post belongs in the unpopular opinion thread. IOS and Linux are both variants of Unix and therefore superior to anything put out by Microsoft. I think Linux has more going for it because it is open sourced.
|
|
Deleted
Deleted Member
Join Date: Apr 19, 2024 23:51:17 GMT
Posts: 0
Likes:
Last Online: Apr 19, 2024 23:51:17 GMT
|
Post by Deleted on Apr 7, 2019 0:34:35 GMT
Ha. Glad you agree. 👍🏽
|
|
BogoGog24
Administrator
I'm off again in my world...
Join Date: Mar 14, 2015 12:38:58 GMT
Posts: 14,687
Likes: 39,028
Last Online: Apr 19, 2024 17:54:07 GMT
|
Post by BogoGog24 on Apr 8, 2019 14:16:51 GMT
I just updated my iPhone and now I’m getting the not secure thing. And I’ve gotten it with another website I tried to visit too. Maybe it’s a bug with the upgrade?
|
|
Deleted
Deleted Member
Join Date: Apr 19, 2024 23:51:17 GMT
Posts: 0
Likes:
Last Online: Apr 19, 2024 23:51:17 GMT
|
Post by Deleted on Apr 8, 2019 14:42:20 GMT
Are you having to sign in more often as well?
|
|