Turbobricks Forums

Turbobricks Forums (https://forums.tbforums.com/index.php)
-   website & board (https://forums.tbforums.com/forumdisplay.php?f=10)
-   -   Forum is NOT secure (https://forums.tbforums.com/showthread.php?t=331640)

epborden 04-08-2017 02:56 PM

Forum is NOT secure
 
The site is not secured with a security certificate and HTTPS. This makes this site vulnerable in that anyone who logs in is subject to a MITM (man-in-the-middle) attack making them vulnerable. Other attacks can easily: take the site down completely, hijack files on the site to deliver malicious content, or leak every single users information including the administrators. This is irresponsible and it is my recommendation that the site be secured properly.

centason 04-08-2017 03:02 PM

Quote:

Originally Posted by epborden (Post 5591599)
The site is not secured with a security certificate and HTTPS. This makes this site vulnerable in that anyone who logs in is subject to a MITM (man-in-the-middle) attack, and other attacks not least of which can a) take the site down completely, b) hijack files on the site to delivery malicious content, and c) leak every single users information including the administrators. This is irresponsible and it is my recommendation that the site be secured properly.

:uh: we're not high on the traffic ratio. If someone wants to hijack pictures of 7/9 cars and hold them for ransom, they have other issues. Most all of us use our phones more here anyways, and understands the NSA watches this site because of the communist views everyone holds.

Kenunot 04-08-2017 03:52 PM

oh snap

I suspected there was a Russian influence in the best looking rwd Volvo poll.

Shifted 04-08-2017 03:56 PM

No all the KGBs are fapping in the curvy girls thread. :nod:

BonerInSweatPants 04-08-2017 07:52 PM

Quote:

Originally Posted by Shifted (Post 5591625)
No all the KGBs are fapping in the curvy girls thread. :nod:

WELL, IT LOOKS LIKE ME N' THE COMMIES HAVE AT LEAST ONE THING IN COMMON</a>

Kenunot 04-08-2017 07:56 PM

Someone say curvy Russian women?

<iframe width="560" height="315" src="https://www.youtube.com/embed/5CaMUfxVJVQ" frameborder="0" allowfullscreen></iframe>

woodenpudden 04-09-2017 09:35 AM

Quote:

Originally Posted by epborden (Post 5591599)
The site is not secured with a security certificate and HTTPS. This makes this site vulnerable in that anyone who logs in is subject to a MITM (man-in-the-middle) attack making them vulnerable. Other attacks can easily: take the site down completely, hijack files on the site to deliver malicious content, or leak every single users information including the administrators. This is irresponsible and it is my recommendation that the site be secured properly.

Admins should provide you with login creds so you can assist them in securing, yes?

shellshock 04-09-2017 12:00 PM

I just came here for the best price Polo™ shirts.

Powder>Paint 04-09-2017 12:51 PM

Quote:

Originally Posted by Shifted (Post 5591625)
No all the KGBs are fapping in the curvy girls thread. :nod:

i love me some curvy girl.

Broke4speed 04-09-2017 12:56 PM

I was told there would be horny neighbourhood women waiting for me here...

240240 04-09-2017 01:32 PM

Quote:

Originally Posted by Broke4speed (Post 5591907)
I was told there would be horny neighbourhood women waiting for me here...

Hi

http://stream1.gifsoup.com/view7/201...hy-smile-o.gif

TalkingGoats 04-09-2017 06:52 PM

I'm poor and boring and when I realized this I stopped caring as much.

Kannapolis eh? Less than 10 minutes down 29 if you ever need to borrow some tinfoil ����

Turbo Joe 04-09-2017 09:10 PM

I miss the Ugg boot ads

buzz 04-09-2017 09:35 PM

Quote:

Originally Posted by Turbo Joe (Post 5592037)
I miss the Ugg boot ads

Sorry. ;-)

epborden 04-10-2017 12:06 AM

Lol, ok guys. Just trying to help. I'll even buy and implement it myself if it is trouble.

Until then I will just enjoy unsecured, curvy Russian women.

DMFWallace 04-10-2017 12:12 AM

Quote:

Originally Posted by epborden (Post 5592115)
Just trying to help.

Mistake #1

MrBill 04-10-2017 11:02 AM

Quote:

Originally Posted by epborden (Post 5592115)
Lol, ok guys. Just trying to help. I'll even buy and implement it myself if it is trouble.

Until then I will just enjoy unsecured, curvy Russian women.

Did you just take security+ or something?

epborden 04-10-2017 11:44 AM

Quote:

Originally Posted by MrBill (Post 5592254)
Did you just take security+ or something?

No, why do you ask? Pretty standard procedures for websites that have user databases and login forms. Makes sense to me.

Ursan 04-10-2017 11:52 AM

Yeah, it's not like anyone would ever threaten a sitting POTUS with assassination a second time. :roll:

MrBill 04-10-2017 12:36 PM

Quote:

Originally Posted by epborden (Post 5592300)
No, why do you ask? Pretty standard procedures for websites that have user databases and login forms. Makes sense to me.

I just think you have a jaded expectation of privacy for a silly little car forum like this.

CAPT_BLOTTO 04-10-2017 01:01 PM

http://i.imgur.com/iVHfwLc.gif
http://68.media.tumblr.com/81b28e604...shaw23_500.gif

epborden 04-10-2017 01:01 PM

Quote:

Originally Posted by MrBill (Post 5592329)
I just think you have a jaded expectation of privacy for a silly little car forum like this.

It's not necessarily about privacy so much as it is about security.

An example would be that the website could be potentially used as a platform to deliver malicious content to end users. That content could then be used to capture their data, even important data not used on this site, such as credit card information. That is possible because the website was used as a vector to deliver the malicious content on to their computer. Not everyone is educated to the point where they would be informed as to what to look for and therefore have almost no idea it was occurring to them.

That's important, and I've seen insecure forums, even small ones, targeted to such a degree where the example scenario was a real problem.

The degree in which this site in particular operates is up for debate, but the responsible and mature thing to do would be to implement a solution so that the example scenario, and other scenarios like it, may not have a chance to occur.

However, if the administrators (Garrett Kirkland, in particular) deem it completely unnecessary for their reason of choice, the post can simply be deleted.

Ursan 04-10-2017 03:09 PM

Who is Garrett Kirkland?

Dan 04-10-2017 03:10 PM

Garrett started TB, then Dana took over

epborden 04-10-2017 03:19 PM

Quote:

Originally Posted by Dan (Post 5592429)
Garrett started TB, then Dana took over

Not sure what capacity Dana has with the domain and hosting. Garrett is still on the whois publicly, though.


All times are GMT -4. The time now is 08:12 AM.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2018, vBulletin Solutions Inc.