Security on mybroadband.co.za

mydoghasworms

Member
Joined
Mar 26, 2012
Messages
16
I don't know how many of you reading this have ever tried switching to HTTPS on this site (mybroadband.co.za). For such a high profile site, I find it unacceptable that it does not work over HTTPS and do so by default.

vKVxj8H.png
 

froot

Honorary Master
Joined
Jun 2, 2009
Messages
11,347
I don't see the need for it either. Other than vB there's nothing else running here, and I don't see why the communication between me and the server needs to be encrypted.
 

Iamnotageek

Expert Member
Joined
Dec 22, 2013
Messages
3,831
With 9 posts under your belt I find it unacceptable to give a rats ass what you think.
 

Milano

Honorary Master
Joined
Feb 7, 2004
Messages
16,752
I find it unacceptable that it does not work over HTTPS and do so by default.

If that is your default position on the matter, don't allow others to adjust your stance. Don't ever visit again as the security level here fails to meet your agency's specifications for the exchange of the highly classified, sensitive material you wish to exchange. You could easily suffer a data breach resulting in your cover being blown.
 
F

Fudzy

Guest
Can confirm, your privacy has been comprimised. I can Google your name and find this thread. Just like all other information on this forum. But then at least most of us can hide in the private forums.
 
F

Fudzy

Guest
Interested to know what facebook.mybroadband.co.za was supposed to be now.
 

Milano

Honorary Master
Joined
Feb 7, 2004
Messages
16,752
We are aware he is currently offline. When will his password be made public? Anyone manage to get his ATM pin?
 

Bar0n

Executive Member
Joined
Nov 12, 2010
Messages
5,559
I don't know how many of you reading this have ever tried switching to HTTPS on this site (mybroadband.co.za). For such a high profile site, I find it unacceptable that it does not work over HTTPS and do so by default.

vKVxj8H.png

What exactly do you want to encrypt? The mindless drivel we post day in and day out? Is someone monitoring your MyBB traffic, specifically?
 

DrJohnZoidberg

Honorary Master
Joined
Jul 24, 2006
Messages
22,979
The only page that needs to be secure is the login. That would be an issue with the site because there is a login bar on top of each page.
 

ellyally

Expert Member
Joined
Feb 7, 2013
Messages
4,413
What, so when I post my c/card details here on the forum its not secure? *outraged*
 
F

Fudzy

Guest
Nope it doesn't. It should though.

Decided to see what happens when you submit login credentials, this is what's in the request:

Code:
vb_login_username=fudzy&vb_login_password_hint=Password&vb_login_password=&s=&securitytoken=1******922-379b8f*********735353a4a6&do=login&vb_login_md5password=d07******d9bd******44d885&vb_login_md5password_utf=d07*************4d885
 

Packer

Senior Member
Joined
May 23, 2014
Messages
652
What exactly do you want to encrypt? The mindless drivel we post day in and day out? Is someone monitoring your MyBB traffic, specifically?

Your point is valid, but it’s important that even drivel is encrypted. If only material worthy of encryption is encrypted, it attracts attention. Encryption should become ubiquitous. The NSA would foam at the mouth with rage.
 

Bar0n

Executive Member
Joined
Nov 12, 2010
Messages
5,559
Your point is valid, but it’s important that even drivel is encrypted. If only material worthy of encryption is encrypted, it attracts attention. Encryption should become ubiquitous. The NSA would foam at the mouth with rage.

The NSA provided a lot of the encryption keys anyway. ;)

[video=youtube;ulg_AHBOIQU]https://www.youtube.com/watch?v=ulg_AHBOIQU[/video]
 

ToxicBunny

Oi! Leave me out of this...
Joined
Apr 8, 2006
Messages
107,148
Your point is valid, but it’s important that even drivel is encrypted. If only material worthy of encryption is encrypted, it attracts attention. Encryption should become ubiquitous. The NSA would foam at the mouth with rage.

Not really....

The have more than their own fair share of MoM systems.. and most ppl are still using TLS 1.0 which is about as secure as shouting whatever you're posting from the roof tops.
 
Top