Posts | ||
---|---|---|
site-wide SSL | Locked | |
Thread Options | ||
Oct 1 2011 Anchor | ||
Please provide site-wide usage of SSL (https). This has two benefits:
More information on how vulnerable your users are is available here: Eff.org |
||
Oct 1 2011 Anchor | ||
Don't you find it strange that the site that makes FireSheep doesn't use HTTPS? EFF doesn't use HTTPS either. All you need to install then is a keylogger to get users name/password and the people most vulnerable to hacks are the ones who go to questionable sites. Questionable being ones that normally do warez & porn. -- Go play some Quake 2: q2server.fuzzylogicinc.com |
||
|
Oct 1 2011 Anchor | |
Sitewide SSL is good in theory, but it has drawbacks: 1) We would need to effectively double the number of servers we have and also purchase SSL accelerator cards because serving things like media via SSL is painfully slow and heavy on CPU. Yes i've read the comments on the Firesheep page saying Google implemented it site wide with no impact, but unfortunately we do not have the resources of Google to implement and code our own SSL engines. Edited by: Greg -- Greg |
||
Oct 1 2011 Anchor | ||
@TheHappyFriar: No, it is not strange because you are wrong. They both support SSL (https) as you can see:
The hyperlink takes you to an https website. Maybe try following links in posts to see what they are about before you make blind accusations. Also SSL isn't supposed to stop keylogging, it is session hijacking, meaning more or less internet identity theft. Please also learn meanings of terms before again, making up junk. EDIT: Thanks for the feedback Greg, I'm glad to see at least this issue was considered by Desura. Hopefully when you guys grow in the future you guys can make the change so I can browse from work Edited by: thatdude |
Only registered members can share their thoughts. So come on! Join the community today (totally free - or sign in with your social account on the right) and join in the conversation.