Since when has iceinspace.com.au become "not secure"
The HTTPS has disappeared
I have tried to reload it from google and it still comes up in the address bar as not secure:question:

Google changed the way Chrome worked to better highlight sites that are not using SSL (HTTPS, Port 443). I do not know if Ice In Space historically used a SSL certificate but it currently does not. Hence it shows as "Not Secure".

Ron it hasn't been secure since Lewis joined on 24-08-2012.

:D

Looking at Crazy Domains who look after my webpage....they can add SSL from $24 to $180 per year.
https://www.crazydomains.com.au/ssl-certificates/

Without going in to too many details it is actually possible to get a free SSL certificate. Free certificates are usually only valid for 90 days however it is also possible to automate renewal.

If it's not secure then I will have to think really hard about
remaining on iceinspace.com.au.:question:

PS why was the security tab removed??????

You can get a free SSL cert from most hostile providers and it’s easy as pie to set up. Ron, whether it’s secure or not won’t affect us as users of the site in any way. SSL is really just a way of allowing online (financial) transactions To be carried out safely by encrypting the sensitive data. So for sites like IIS where you’re just reading stuff, it doesn’t matter a jot!

Ron,

What your browser is telling you is that you don't have an encrypted connection to the IIS web site. The data that you see when you look at a forum post was sent to you in clear text. If this was an internet banking site that would be something to worry about. On an astro forum I think the potential for mischief is pretty limited and I'm not particularly worried about it...

Cheers,
Rick.

I am a hack hacker, so I wouldn't worry.

I managed to get Mike Sidonio's bank details and sell them to the Dutch Antilles Mafia, but they said they already had enough debt...

Hmmm, 24-08-12...6th wedding anniversary...mustn't have been doing anything worthwhile :whistle:

Hi,

Unlikely, but since it is not encrypted and assuming you are on wireless to your router, your next door neighbour or someone in a car out the front of your house can look at what you are sending to IIS, grab your password and id and then change it and impersonate you.

They could also intercept bank account details, and postal addresses when you send a pm to someone offering to pay someone for something you bought off iceinspace.

Just saying.....

p.s of course you could provide your own security via a vpn.

Yup, I "dial in" from A different country every time :)

I am currently in Macedonia :lol:

I don't bother but

https://www.expressvpn.com/blog/non-encrypted-http-sites/

or maybe IIS should move to the dark web :P

Great answer to a reasonable ask ?

No one has answered the question, why the security was removed?
In a world were Cyber security is a must,it seems strange to reduce security not increase it.?
The part of my post suggesting I may leave IIS was partly done with tongue
in cheek,but the main question was in my opinion legitimate.

The security was never removed. It was never there in the first place. Google has decided that if you browse to a site that does not use ssl it will tell you by placing the words Not Secure in the browser bar. In a similar way if the site does use ssl they will place a padlock in the browser bar, informing you the the browser will encrypt your data stream.

They are simply telling you that the site does not encrypt your data stream and consequently that anyone can eavesdrop what you type and send to the site, no one has changed anything.

The padlock also tells you that the website you are browsing is in fact IIS (if it used SSL) and not some dodgy mirrored site in the Dutch Antilles that has hijacked your browser:)

At the end of the day, I wouldn't worry, as others have said it's not a banking site, and IIS does not have enough traffic to be a great target for hackers, and I trust my neighbours. However in this day and age its basic internet sanitation to secure your site.

Note the CloudyNights url https://www.cloudynights.com/ it is https not http so it is secure; and so google displays a padlock.


EDIT: I am not advertising CloudyNights just trying to explain something to Ron, hope I havn't breached TOS

Cheers
Paul

Classic:rofl:

I thought ISS had the HTTPS to show it was secure?

Mounting a man-in-the-middle attack is not entirely trivial, so perhaps it would be better to say thay "someone" could eavesdrop :)



Nup, Ron. The only thing that changed is that your browser has started to complain. We've all been using IIS insecurely for years and it hasn't killed us :lol:

I'm also disappointed that the lock doesn't mean anything. It used to be gold too. :shrug:

It seriously is not hard to implement a free SSL cert and secure the site. HTTPS has become the norm for websites and IMO should be implemented.

For anyone that uses the same username and password to login to IceInSpace as they do other websites I would seriously consider changing it.