America's #1 Online Cigar Auction
first, best, biggest!

Last post 5 years ago by bgz. 23 replies replies.
this site "not secure"?
Jump to Bottom | Previous Topic | Next Topic
frankj1 Offline
#1 Posted: Tue, Aug 21 2018, 1:51 PM EST
Joined: 02-08-2007
Posts: 44,234
been seeing that all of a sudden...

can someone explain this to me? Please type slowly, I am low tech.
bgz Offline
#2 Posted: Tue, Aug 21 2018, 2:54 PM EST
Joined: 07-29-2014
Posts: 13,023
It means don't give them your credit card number.
dstieger Offline
#3 Posted: Tue, Aug 21 2018, 3:03 PM EST
Joined: 06-22-2007
Posts: 10,889
все твои базы принадлежат нам
victor809 Offline
#4 Posted: Tue, Aug 21 2018, 3:09 PM EST
Joined: 10-14-2011
Posts: 23,866
....an all your base reference?... But translated to Russian? Are you mixing your memes? That's it... Too much internet for you young man!
frankj1 Offline
#5 Posted: Tue, Aug 21 2018, 3:30 PM EST
Joined: 02-08-2007
Posts: 44,234
bgz wrote:
It means don't give them your credit card number.

yeah, but why is it suddenly not secure?
frankj1 Offline
#6 Posted: Tue, Aug 21 2018, 3:36 PM EST
Joined: 02-08-2007
Posts: 44,234
just clicked around the site..."my account" comes up secure, home page is secure...just forums are not secure.
victor809 Offline
#7 Posted: Tue, Aug 21 2018, 3:36 PM EST
Joined: 10-14-2011
Posts: 23,866
Drafter told it he thought other sites were thinner... Younger... More attractive...
frankj1 Offline
#8 Posted: Tue, Aug 21 2018, 3:37 PM EST
Joined: 02-08-2007
Posts: 44,234
victor809 wrote:
....an all your base reference?... But translated to Russian? Are you mixing your memes? That's it... Too much internet for you young man!

english was no clearer than ruskie.
frankj1 Offline
#9 Posted: Tue, Aug 21 2018, 3:38 PM EST
Joined: 02-08-2007
Posts: 44,234
victor809 wrote:
Drafter told it he thought other sites were thinner... Younger... More attractive...

insecurity is kind of appealing...or maybe I'm used to insecure people?
DrafterX Offline
#10 Posted: Tue, Aug 21 2018, 3:41 PM EST
Joined: 10-18-2005
Posts: 98,566
They never liked me... Sad
victor809 Offline
#11 Posted: Tue, Aug 21 2018, 3:46 PM EST
Joined: 10-14-2011
Posts: 23,866
Frank .. he was referencing a meme from the late 90s early 2000s which came from a poorly translated Japanese video game.
The phrase is something like "all your base are belong to us"...
He's then translated that phrase to Russian (hence my statement that he's mixing his memes)...

Of course, the real irony is that I suspect the grammar was correct in the Russian translation, and the incorrect grammar is what made the English meme so popular....
bgz Offline
#12 Posted: Tue, Aug 21 2018, 3:57 PM EST
Joined: 07-29-2014
Posts: 13,023
I used to have "all your base are belong to us" bound to a button in my ctf config.
bgz Offline
#13 Posted: Tue, Aug 21 2018, 4:10 PM EST
Joined: 07-29-2014
Posts: 13,023
frankj1 wrote:
yeah, but why is it suddenly not secure?


Alright, alright... I'll tell you.

Any number of things can trigger it, all related to the https protocol and ssl (or tls now).

Since... some recent version of chrome, it just tells you if it's secure or not... not the details.

Anyway... for the forums here, it appears that the forum links will redirect to http from the https link... meaning that any information transmitted through the forums are not secure.

Realistically, cbid should do the opposite, they should redirect http to https and not transmit login tokens through http because in theory they could be hijacked via a "man in the middle" attack (yes mods, you are vulnerable to such attacks).

Then an attacker could get your login credentials and basically hijack your cbid account.

It's not likely to happen though because one... most cigar smokers are technically illiterate.

Two... cbid is unlikely to show up on any for-profit hackers radar due to weak traffic for too little gain.

Three... the most they are going to be able to do is change the shipping address and have a bunch of cigars shipped to somewhere else (but you could just do a chargeback, so you're all good).

So it's actually a **** in cbids armor to behave the way it does, but in reality, it's unlikely to be a problem... though it could be (I doubt it's actually happened... if it did, they would be using https for the forum links).

There's probably some technical reason for it, probably because it will show a big red flag on there if they mixed http/https components and they probably don't want to pay for someone to go in and fix all the sh*tty links. Remember web devs... relative paths are your friend.

For security measures... don't use your "real" passwords for stuff like cbid. By real passwords, I mean ones you use for your bank accounts and other sh*t that matters.
KingoftheCove Offline
#14 Posted: Tue, Aug 21 2018, 4:10 PM EST
Joined: 10-08-2011
Posts: 7,648
I think your tripod is making some Forum members not secure...............prolly sumpin to do wif dat
deadeyedick Offline
#15 Posted: Tue, Aug 21 2018, 5:57 PM EST
Joined: 03-13-2003
Posts: 17,135
bgz wrote:
Alright, alright... I'll tell you.

Any number of things can trigger it, all related to the https protocol and ssl (or tls now).

Since... some recent version of chrome, it just tells you if it's secure or not... not the details.

Anyway... for the forums here, it appears that the forum links will redirect to http from the https link... meaning that any information transmitted through the forums are not secure.

Realistically, cbid should do the opposite, they should redirect http to https and not transmit login tokens through http because in theory they could be hijacked via a "man in the middle" attack (yes mods, you are vulnerable to such attacks).

Then an attacker could get your login credentials and basically hijack your cbid account.

It's not likely to happen though because one... most cigar smokers are technically illiterate.

Two... cbid is unlikely to show up on any for-profit hackers radar due to weak traffic for too little gain.

Three... the most they are going to be able to do is change the shipping address and have a bunch of cigars shipped to somewhere else (but you could just do a chargeback, so you're all good).

So it's actually a **** in cbids armor to behave the way it does, but in reality, it's unlikely to be a problem... though it could be (I doubt it's actually happened... if it did, they would be using https for the forum links).

There's probably some technical reason for it, probably because it will show a big red flag on there if they mixed http/https components and they probably don't want to pay for someone to go in and fix all the sh*tty links. Remember web devs... relative paths are your friend.

For security measures... don't use your "real" passwords for stuff like cbid. By real passwords, I mean ones you use for your bank accounts and other sh*t that matters.


I was just gonna say that but I'm a cigar smoker.
Whistlebritches Offline
#16 Posted: Tue, Aug 21 2018, 7:23 PM EST
Joined: 04-23-2006
Posts: 22,128
bgz wrote:
Alright, alright... I'll tell you.

Any number of things can trigger it, all related to the https protocol and ssl (or tls now).

Since... some recent version of chrome, it just tells you if it's secure or not... not the details.

Anyway... for the forums here, it appears that the forum links will redirect to http from the https link... meaning that any information transmitted through the forums are not secure.

Realistically, cbid should do the opposite, they should redirect http to https and not transmit login tokens through http because in theory they could be hijacked via a "man in the middle" attack (yes mods, you are vulnerable to such attacks).

Then an attacker could get your login credentials and basically hijack your cbid account.

It's not likely to happen though because one... most cigar smokers are technically illiterate.

Two... cbid is unlikely to show up on any for-profit hackers radar due to weak traffic for too little gain.

Three... the most they are going to be able to do is change the shipping address and have a bunch of cigars shipped to somewhere else (but you could just do a chargeback, so you're all good).

So it's actually a **** in cbids armor to behave the way it does, but in reality, it's unlikely to be a problem... though it could be (I doubt it's actually happened... if it did, they would be using https for the forum links).

There's probably some technical reason for it, probably because it will show a big red flag on there if they mixed http/https components and they probably don't want to pay for someone to go in and fix all the sh*tty links. Remember web devs... relative paths are your friend.

For security measures... don't use your "real" passwords for stuff like cbid. By real passwords, I mean ones you use for your bank accounts and other sh*t that matters.


Frank just schit a brick........ya wanna take another swing or just leave this wiff hanging out there?
8trackdisco Offline
#17 Posted: Tue, Aug 21 2018, 7:27 PM EST
Joined: 11-06-2004
Posts: 60,097
frankj1 wrote:
just clicked around the site..."my account" comes up secure, home page is secure...just forums are not secure.


There's a lot of insecurity Here.
frankj1 Offline
#18 Posted: Tue, Aug 21 2018, 7:30 PM EST
Joined: 02-08-2007
Posts: 44,234
Great! I have all my money in tobacco futures.
frankj1 Offline
#19 Posted: Tue, Aug 21 2018, 7:33 PM EST
Joined: 02-08-2007
Posts: 44,234
bgz wrote:
Alright, alright... I'll tell you.

Any number of things can trigger it, all related to the https protocol and ssl (or tls now).

Since... some recent version of chrome, it just tells you if it's secure or not... not the details.

Anyway... for the forums here, it appears that the forum links will redirect to http from the https link... meaning that any information transmitted through the forums are not secure.

Realistically, cbid should do the opposite, they should redirect http to https and not transmit login tokens through http because in theory they could be hijacked via a "man in the middle" attack (yes mods, you are vulnerable to such attacks).

Then an attacker could get your login credentials and basically hijack your cbid account.

It's not likely to happen though because one... most cigar smokers are technically illiterate.

Two... cbid is unlikely to show up on any for-profit hackers radar due to weak traffic for too little gain.

Three... the most they are going to be able to do is change the shipping address and have a bunch of cigars shipped to somewhere else (but you could just do a chargeback, so you're all good).

So it's actually a **** in cbids armor to behave the way it does, but in reality, it's unlikely to be a problem... though it could be (I doubt it's actually happened... if it did, they would be using https for the forum links).

There's probably some technical reason for it, probably because it will show a big red flag on there if they mixed http/https components and they probably don't want to pay for someone to go in and fix all the sh*tty links. Remember web devs... relative paths are your friend.

For security measures... don't use your "real" passwords for stuff like cbid. By real passwords, I mean ones you use for your bank accounts and other sh*t that matters.


haven't purchased here in ages, maybe bid twice in a year or two...so was surprised to see aan active cc listed in my account info.

Typically I do not allow such info to be "kept", can do fine without the convenience. But I can't figure out how to edit it out of my info, so may have to call the Ladies of Cbid.
frankj1 Offline
#20 Posted: Tue, Aug 21 2018, 7:36 PM EST
Joined: 02-08-2007
Posts: 44,234
victor809 wrote:
Frank .. he was referencing a meme from the late 90s early 2000s which came from a poorly translated Japanese video game.
The phrase is something like "all your base are belong to us"...
He's then translated that phrase to Russian (hence my statement that he's mixing his memes)...

Of course, the real irony is that I suspect the grammar was correct in the Russian translation, and the incorrect grammar is what made the English meme so popular....

Ah. I see.
Had this been mixed metaphors I would have had a shot at getting it...cuz, y'know, I'm good wif words and stuff.
Not so good wif mammies.
bgz Offline
#21 Posted: Tue, Aug 21 2018, 10:15 PM EST
Joined: 07-29-2014
Posts: 13,023
frankj1 wrote:
haven't purchased here in ages, maybe bid twice in a year or two...so was surprised to see aan active cc listed in my account info.

Typically I do not allow such info to be "kept", can do fine without the convenience. But I can't figure out how to edit it out of my info, so may have to call the Ladies of Cbid.


All I was trying to do was explain it slowly like you asked... I just got a bit long winded.
delta1 Offline
#22 Posted: Wed, Aug 22 2018, 2:18 PM EST
Joined: 11-23-2011
Posts: 28,819
that's basically a "Caution, Trolls" alert...to fend off potential liability claims from people who suffer injuries to their rears...
bgz Offline
#23 Posted: Wed, Aug 22 2018, 7:30 PM EST
Joined: 07-29-2014
Posts: 13,023
Whistlebritches wrote:
Frank just schit a brick........ya wanna take another swing or just leave this wiff hanging out there?


I can sh*t out tech knowledge all day... if I kept it up, I might overflow the forum.
Users browsing this topic
Guest
Back to Top