Author Topic: Insecure Connection to DTF  (Read 1849 times)

stargatedalek

  • Holocene survivor
  • **********************
  • Posts: 4883
  • Kawaii in the streets, and everywhere else I hope.
    • View Profile
  • Dinosaur: Fratercula arctica
Re: Insecure Connection to DTF
« Reply #20 on: March 11, 2020, 11:32:53 PM »
Fair enough. The issue of an insecure site is always about third parties, a site has everything you send to it anyway so it's not about Firefox thinking the DTF itself isn't trustworthy.

Firefox isn't thinking that, it is just saying that it can't guarantee this site is trustworthy. It sees the data input fields, it sees that the site is http and not https, and thinks "ooh, hello, I can't guarantee this isn't a scam site, I better warn the user just in case".
That isn't what it told me. It says specifically when I select more information that it sends the warning because "unencrypted data can be read by third parties". If I'm sending data to a website the website can see and read that data anyway. Encryption is to protect third parties from seeing it.


dinotoyforum

  • Dr Admin
  • Administrator
  • Ultimate survivor
  • *****
  • Posts: 6760
  • Boy, do I hate being right all the time!
    • View Profile
    • The Dinosaur Toy Blog
  • Dinosaur: Rhomaleosaurus
  • v.1 status and posts: Admin (3,739 posts)
Re: Insecure Connection to DTF
« Reply #21 on: March 12, 2020, 02:50:03 PM »
Fair enough. The issue of an insecure site is always about third parties, a site has everything you send to it anyway so it's not about Firefox thinking the DTF itself isn't trustworthy.

Firefox isn't thinking that, it is just saying that it can't guarantee this site is trustworthy. It sees the data input fields, it sees that the site is http and not https, and thinks "ooh, hello, I can't guarantee this isn't a scam site, I better warn the user just in case".
That isn't what it told me. It says specifically when I select more information that it sends the warning because "unencrypted data can be read by third parties". If I'm sending data to a website the website can see and read that data anyway. Encryption is to protect third parties from seeing it.

Please could you send me a screenshot of the warning message?


dinotoyforum

  • Dr Admin
  • Administrator
  • Ultimate survivor
  • *****
  • Posts: 6760
  • Boy, do I hate being right all the time!
    • View Profile
    • The Dinosaur Toy Blog
  • Dinosaur: Rhomaleosaurus
  • v.1 status and posts: Admin (3,739 posts)
Re: Insecure Connection to DTF
« Reply #22 on: March 12, 2020, 02:59:02 PM »
Forum passwords are encrypted by the software, by the way. Encryption is to protect a user from any party seeing it. For example, there is no legitimate way for me, as admin - a 'first party' if you like - to see users passwords. But this is related to software rather than https.