Got something to say or just want fewer pesky ads? Join us... 😊

[Technology] NSC "not secure"



Postman Pat

Well-known member
Jul 24, 2007
6,971
Coldean
I'm using NSC in Chrome and getting warnings that the site is not secure.

Snip.PNG

Anyone else seeing this?
 

Springal

Well-known member
Feb 12, 2005
23,682
GOSBTS
Looks like the https:// isn't working
 

Taybha

Whalewhine
Oct 8, 2008
27,110
Uwantsumorwat
When you consider the amount of professional hackers there are on here it's hardly suprising , i remember that Jamie thread and within 5 posts the guy had been genetically mapped back to roman times and was enjoying his fifth pizza delivery in 10 minutes by Mr Mero , it's got something to do with your browser on chrome i believe as i asked the very same question but forgot the answer already .
 


1066familyman

Radio User
Jan 15, 2008
15,185
Don't tell him Pike!
 

studio150

Well-known member
Jul 30, 2011
29,524
On the Border
I'm using NSC in Chrome and getting warnings that the site is not secure.

View attachment 101635

Anyone else seeing this?

I get that at home, but not where I am now .... work

Looks like the https:// isn't working

When you consider the amount of professional hackers there are on here it's hardly suprising , i remember that Jamie thread and within 5 posts the guy had been genetically mapped back to roman times and was enjoying his fifth pizza delivery in 10 minutes by Mr Mero , it's got something to do with your browser on chrome i believe as i asked the very same question but forgot the answer already .

yes, I get the same

See Post 1 in the Housekeeping thread
 


Gwylan

Well-known member
Jul 5, 2003
31,320
Uffern
It's so Bozza can harvest all our bank details. I believe he's putting in a bid for Philip Green's yacht next year
 

beorhthelm

A. Virgo, Football Genius
Jul 21, 2003
35,237
are you giving NSC information that needs to be secured? its only flagging as insecure because its not using HTTPS, its not that the site itself is insecure.

and anyone playing the InitiativeQ game couldnt give a toss anyway.
 


Audax

Boing boing boing...
Aug 3, 2015
2,906
Uckfield
Being rather blunt:

NSC is using vBulletin 4.2.2. It's one of the leakiest options out there, from a security standpoint.

Bozza would be far better off finding the time to do a switch over to something like the open source version of Vanilla. Not only is it free (no licence required), but it's more modern than vB and a whole lot less leaky (they use a service called HackerOne to check for security flaws).
 

Audax

Boing boing boing...
Aug 3, 2015
2,906
Uckfield
are you giving NSC information that needs to be secured? its only flagging as insecure because its not using HTTPS, its not that the site itself is insecure.

It's running on vBulletin 4. It is, by definition, not secure. And that includes when it's in HTTPS mode. It's (very) old software, and well known to be a security sieve.

As far information that needs to be secured, the database here holds, at a minimum, our email addresses. And for those members who are a bit lazy, or not very security conscious, it also holds a password (which may or may not be strongly enough secured) that could be a match for passwords they use on other sites.

More to the point, an insecure site could be used as a host for nasty code that then infects any visiting folks.

I personally make a judgement call with NSC that it's unlikely to be a target for that sort of thing. But I have made sure I use a unique password here, and I do not add any more information to my profile than absolutely required.
 
Last edited:

Audax

Boing boing boing...
Aug 3, 2015
2,906
Uckfield
[MENTION=6886]Bozza[/MENTION] - I've actually just discovered the site doesn't work at all if I try to force https. That's unforgivable and needs addressing.
 


Bozza

You can change this
Helpful Moderator
Jul 4, 2003
55,529
Back in Sussex
[MENTION=6886]Bozza[/MENTION] - I've actually just discovered the site doesn't work at all if I try to force https. That's unforgivable and needs addressing.

Thanks for the advice. It's covered off in the sticky.

Feel free to use another Albion forum until I resolve it.
 

beorhthelm

A. Virgo, Football Genius
Jul 21, 2003
35,237
It's running on vBulletin 4. It is, by definition, not secure. And that includes when it's in HTTPS mode. It's (very) old software, and well known to be a security sieve.

that may be, this isnt what browsers are reporting when showing the "insecure" tag in the address bar.

and it is forgivable not implementing https when there no need for it, no financial transactions or anything sensitive really.
 

father_and_son

Well-known member
Jan 23, 2012
4,646
Under the Police Box
It's running on vBulletin 4. It is, by definition, not secure. And that includes when it's in HTTPS mode. It's (very) old software, and well known to be a security sieve.

As far information that needs to be secured, the database here holds, at a minimum, our email addresses. And for those members who are a bit lazy, or not very security conscious, it also holds a password (which may or may not be strongly enough secured) that could be a match for passwords they use on other sites.

More to the point, an insecure site could be used as a host for nasty code that then infects any visiting folks.

I personally make a judgement call with NSC that it's unlikely to be a target for that sort of thing. But I have made sure I use a unique password here, and I do not add any more information to my profile than absolutely required.

"Seagulls1901" is not a secure password here! (@Bozza - monitor how many people change their password in the next couple of days... I'm sure that a few will use this!)
 



Albion and Premier League latest from Sky Sports

Paying the bills

Latest Discussions

Paying the bills

Paying the bills

Paying the bills


Top
Link Here