MaksFly
Topic Author
Posts: 200
Joined: Fri Jun 24, 2016 5:50 am

SSL security

Sun May 14, 2017 7:25 pm

Airliners.net is a terrific forum and now run by a large forum company, Vertical Scope. There is ZERO excuses as to why Airliners.net is not HTTPS/SSL secured.

In this day in age, all logins and posts should be encrypted/secured. People deserve the green lock. =)
 
MaksFly
Topic Author
Posts: 200
Joined: Fri Jun 24, 2016 5:50 am

Re: SSL security

Thu May 18, 2017 9:02 pm

No response?
 
User avatar
PanAm_DC10
Community Manager
Posts: 3889
Joined: Wed Aug 23, 2000 7:37 am

Re: SSL security

Fri May 19, 2017 7:47 am

Hi

I'll check with the developers and verticalscope and get back to you with an answer

Regards

Paul
Ask the impossible to achieve the best possible
 
User avatar
VertScopeJeff
General Manager
Posts: 126
Joined: Thu Mar 02, 2017 3:37 pm

Re: SSL security

Tue May 23, 2017 8:27 pm

Heya Maksfly

We are working on a network-wide rollout on this, no ETA yet but it is in the works.

Google recently change their rating system hence why you see the notice. However, our sites are safe and other latest security precautions have been applied.
https://motherboard.vice.com/en_us/arti ... rome-https

Jeff M
 
rebr
Posts: 178
Joined: Sat Aug 31, 2013 6:26 pm

Re: SSL security

Fri Mar 02, 2018 11:22 am

I just realized the same thing. It's been 9 months. It may not be a 5 minute job to implement HTTPS on a large site, but 9 months is a bit too much isn't it? I agree with the first poster, there is ZERO excuse. "Our sites are safe" is not enough, if I am logging in via HTTP my credentials are still being sent to the server in plain text.
 
User avatar
dxmekch
Posts: 5
Joined: Sun Apr 30, 2017 2:40 pm

Re: SSL security

Tue Mar 06, 2018 7:56 pm

rebr wrote:
I just realized the same thing. It's been 9 months. It may not be a 5 minute job to implement HTTPS on a large site, but 9 months is a bit too much isn't it? I agree with the first poster, there is ZERO excuse. "Our sites are safe" is not enough, if I am logging in via HTTP my credentials are still being sent to the server in plain text.



I have to agree, safety and encryption is not the same thing. There are plenty of free SSL solutions which are community driven and open source. One of the best is Let's encrypt and https://certbot.eff.org/ offers an easy to install for everyone solution. There are many sites outthere that are maybe more complicated in terms of infrastructure / hardware.
 
gmt
Posts: 2
Joined: Tue Mar 07, 2017 6:59 am

Re: SSL security

Thu Mar 22, 2018 12:06 am

I always wondered why such a large forum run by a company is still not using SSL these days. Even all logins are unencrypted.
 
gmt
Posts: 2
Joined: Tue Mar 07, 2017 6:59 am

Re: SSL security

Sun Apr 15, 2018 4:47 pm

No update?
 
metaldirtnskin
Posts: 49
Joined: Sat Sep 24, 2016 9:42 pm

Re: SSL security

Tue Apr 17, 2018 2:45 pm

This is literally the very last site I use on a semi-regular basis that has not yet gone to HTTPS. It can now be done for free. Modern browsers will bark at you before you submit a password to an unencrypted connection (because it's a very bad idea).

A while back I submitted a few photos here and was rewarded with a laundry list of reasons why my photos were not absolutely perfect and were therefore unacceptable. Suppose we held the people who actually run the site to the same standard of perfection... wouldn't that be an interesting experiment?
 
CCGPV
Posts: 595
Joined: Tue Jan 16, 2018 5:18 pm

Re: SSL security

Tue Apr 17, 2018 2:51 pm

metaldirtnskin wrote:
This is literally the very last site I use on a semi-regular basis that has not yet gone to HTTPS. It can now be done for free. Modern browsers will bark at you before you submit a password to an unencrypted connection (because it's a very bad idea).

A while back I submitted a few photos here and was rewarded with a laundry list of reasons why my photos were not absolutely perfect and were therefore unacceptable. Suppose we held the people who actually run the site to the same standard of perfection... wouldn't that be an interesting experiment?


We've been waiting literally years for simple emojis and quote functions. What makes you think they're ever going to implement something that secures user's data?

Its not going to happen folks.
I have all day.
 
User avatar
JohnKrist
Head Support
Posts: 1823
Joined: Sat Jan 22, 2005 11:54 pm

Re: SSL security

Thu Apr 19, 2018 5:03 am

CCGPV wrote:
metaldirtnskin wrote:
This is literally the very last site I use on a semi-regular basis that has not yet gone to HTTPS. It can now be done for free. Modern browsers will bark at you before you submit a password to an unencrypted connection (because it's a very bad idea).

A while back I submitted a few photos here and was rewarded with a laundry list of reasons why my photos were not absolutely perfect and were therefore unacceptable. Suppose we held the people who actually run the site to the same standard of perfection... wouldn't that be an interesting experiment?


We've been waiting literally years for simple emojis and quote functions. What makes you think they're ever going to implement something that secures user's data?

Its not going to happen folks.


I suppose you used to have another account as you have been waiting for years for emojis. Not sure what emojis you mean as the classic airliners.net emojis are all there, and have been for the last year and a half.

Quoting is phpbb standard, and we are looking into if it can be changed. However, there is a priority list, and there are some crew tools that reallly have higher priority than the quote function I’m afraid.
5D Mark III, 7D, 17-40 F4 L, 70-200 F2.8 L IS II, 50mm 1.4, EF 1.4x II, EF 2x III, SPEEDLITE 600EX-RT
 
CCGPV
Posts: 595
Joined: Tue Jan 16, 2018 5:18 pm

Re: SSL security

Thu Apr 19, 2018 2:15 pm

JohnKrist wrote:
CCGPV wrote:
metaldirtnskin wrote:
This is literally the very last site I use on a semi-regular basis that has not yet gone to HTTPS. It can now be done for free. Modern browsers will bark at you before you submit a password to an unencrypted connection (because it's a very bad idea).

A while back I submitted a few photos here and was rewarded with a laundry list of reasons why my photos were not absolutely perfect and were therefore unacceptable. Suppose we held the people who actually run the site to the same standard of perfection... wouldn't that be an interesting experiment?


We've been waiting literally years for simple emojis and quote functions. What makes you think they're ever going to implement something that secures user's data?

Its not going to happen folks.


I suppose you used to have another account as you have been waiting for years for emojis. Not sure what emojis you mean as the classic airliners.net emojis are all there, and have been for the last year and a half.

Quoting is phpbb standard, and we are looking into if it can be changed. However, there is a priority list, and there are some crew tools that reallly have higher priority than the quote function I’m afraid.


Yeah I had a username for probably 10 years and I forgot the password for so I just came up with this one.

The emojis came back a long time after the "upgrade." Good to see all the work being done on the back end first so all the frustrated users posts can be moderated more easily.

Its not like a simple quote function that we use many times a day should be a priority or anything.
I have all day.
 
User avatar
JohnKrist
Head Support
Posts: 1823
Joined: Sat Jan 22, 2005 11:54 pm

Re: SSL security

Thu Apr 19, 2018 3:11 pm

CCGPV, we would gladly have assisted you in retrieving your account :)
The emojis were added about three months after the launch of the blue site. In development cycles that is not too bad counting in all the issues implemented by DM’s manager back then.

And yes, some backend work has been implemented on moderator tools, but even more has been done to other parts of the site. Quoting is not a do or die feature compared to crashes, server instabilities, database maintenance tools and so on. Irritating as it is, that is fact,
5D Mark III, 7D, 17-40 F4 L, 70-200 F2.8 L IS II, 50mm 1.4, EF 1.4x II, EF 2x III, SPEEDLITE 600EX-RT
 
User avatar
hawaiian717
Posts: 3184
Joined: Tue May 18, 1999 2:46 am

Re: SSL security

Thu Apr 19, 2018 3:34 pm

For those commenting on the availability of free TLS certificates from sources like Let's Encrypt, sure you can get the certificate for free, but there's more to it then just getting the certificate. Way back when the site was just a server in Johan's dorm room that would probably have been pretty straight forward, but I imagine now there's a bit more complexity behind the airliners.net server infrastructure these days and a simple Let's Encrypt automated certificate might not be good enough.

But I agree this is getting a little bit silly and I also think this site is about the only one I go to that doesn't do https.

Who is online

Users browsing this forum: qf789 and 4 guests

Popular Searches On Airliners.net

Top Photos of Last:   24 Hours  •  48 Hours  •  7 Days  •  30 Days  •  180 Days  •  365 Days  •  All Time

Military Aircraft Every type from fighters to helicopters from air forces around the globe

Classic Airliners Props and jets from the good old days

Flight Decks Views from inside the cockpit

Aircraft Cabins Passenger cabin shots showing seat arrangements as well as cargo aircraft interior

Cargo Aircraft Pictures of great freighter aircraft

Government Aircraft Aircraft flying government officials

Helicopters Our large helicopter section. Both military and civil versions

Blimps / Airships Everything from the Goodyear blimp to the Zeppelin

Night Photos Beautiful shots taken while the sun is below the horizon

Accidents Accident, incident and crash related photos

Air to Air Photos taken by airborne photographers of airborne aircraft

Special Paint Schemes Aircraft painted in beautiful and original liveries

Airport Overviews Airport overviews from the air or ground

Tails and Winglets Tail and Winglet closeups with beautiful airline logos