General discussion

Locked

TechRepublic - Secure connection

By trsbrn ·
Tags: Off Topic
It is expected that websites that require a user name and password also provide a (https) secure connection. Why doesn't TechRepublic support secure connections?

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Why do you think this is so?

by HAL 9000 Moderator In reply to TechRepublic - Secure con ...

Does TR ask you for anything except a User Name & Password to log in so you can post?

Does TR in any way ask for money and give you space to enter your Bank Account or Credit Card Details?

Any site that has Financial Transactions except the Membership Fees of that site should have a HTTPS setup but sites that just require you to log in to post and confirm you are who you say you are don't require a Secure Connection.

For instance have you looked at Face Book or Twitter recently and seen a HTTPS prefix? Granted the My Face and Tweeber Crowds need protection from themselves but if they are silly enough to use sites like that they get exactly what the deserve.

Col

Collapse -

Basic authentication in HTML does not require the use of SSL.

This method has been employed for some 20 years or more. Just because
you enter a user name and password does not mean the site is SSL or
"secure".

Collapse -

TechRepublic - Secure connection

by trsbrn In reply to TechRepublic - Secure con ...

There is software that can be used to sniff out the details in packets transmitted during session (e.g. firesheep). This might make it possible to hijack someones account if you for example are using a public wifi service.

Collapse -

SO????

by HAL 9000 Moderator In reply to TechRepublic - Secure con ...

It's still a Nonsecure system that was never designed for anything of a Financial Nature. Just like My Face and Tweeber.

You shouldn't be using the same User Name & Password that you use for your Bank Account for On Line Banking just like Best Practices tell us all.

Col

Collapse -

There's little benefit with respect to the overhead.

by seanferd In reply to TechRepublic - Secure con ...

What can happen if someone gets your TR login creds? Not much.

That said, I'd personally prefer something better (more secure, low overhead) than SSL for all connections.

Back to After Hours Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums