Welcome Guest Search | Active Topics | Members | Log In | Register

Site Security Options · View
gav
Posted: Monday, August 4, 2014 4:15:00 AM

Rank: Code Monkey
Moderator

Joined: 12/25/2006
Posts: 1,473
Location: Syd, Australia
Hi

As of today, the site is running over SSL (HTTPS) for all traffic. This will ensure that communication between your browser and server cannot be intercepted by any bad guys.

When a site is running over a non secure connection (HTTP) and you access the site over a public wi-fi connection, your password and other personal information could potentially be captured from a "man in the middle" attack. There is also the danger of a session hijacking.

I suggest everyone updates their passwords.

Happy Lushing

gav

Note
If anyone finds any page that contains insecure items (where the padlock in your address bar doesn't show its secure) then please let me know. You will be rewarded with a handsome bounty.

Liz
Posted: Monday, August 4, 2014 4:20:14 AM

Rank: Scarlet Seductress
Moderator

Joined: 1/22/2013
Posts: 7,224
Location: In the sweet shop, United Kingdom
gav wrote:

Note
If anyone finds any page that contains insecure items (where the padlock in your address bar doesn't show its secure) then please let me know. You will be rewarded with a handsome bounty.


I take it this does not include profile pages which give you the old, '...this page includes other resources which are not secure...'?



noll
Posted: Monday, August 4, 2014 5:26:28 AM

Rank: Ping Kong

Joined: 7/4/2013
Posts: 2,961
Location: Basement
gav wrote:
As of today, the site is running over SSL (HTTPS) for all traffic.

Awesome!

gav wrote:
This will ensure that communication between your browser and server cannot be intercepted by any bad guys.

Or women! ;)



Guest
Posted: Monday, August 4, 2014 10:04:48 AM

Rank: Lurker

Joined: 12/1/2006
Posts: 816,696

Does ANYONE know what the Nerdy Fuck is talking about?

I mean, I know we NEED him but Jesus!

JUST ONCE, I would like to read a post by Gav and know WHAT THE FUCK he was talking about!!!

xx SF

Gav: "Fuck You."

Me: "See, THAT I understood..."
Dani
Posted: Monday, August 4, 2014 10:09:44 AM

Rank: Big-Haired Bitch
Moderator

Joined: 12/25/2010
Posts: 7,208
Location: Under Your Bed, United States
stephanie wrote:

Does ANYONE know what the Nerdy Fuck is talking about?

I mean, I know we NEED him but Jesus!

JUST ONCE, I would like to read a post by Gav and know WHAT THE FUCK he was talking about!!!

xx SF

Gav: "Fuck You."

Me: "See, THAT I understood..."


Fuck!

This is hilarious. laughing9



NymphWriter
Posted: Monday, August 4, 2014 10:13:01 AM

Rank: Unicorn Rider

Joined: 8/1/2012
Posts: 4,205
Location: The Dark Corners of My Mind..., United States
stephanie wrote:

Does ANYONE know what the Nerdy Fuck is talking about?

I mean, I know we NEED him but Jesus!

JUST ONCE, I would like to read a post by Gav and know WHAT THE FUCK he was talking about!!!

xx SF

Gav: "Fuck You."

Me: "See, THAT I understood..."


Basically, you Irish Cunt, if you look at where you'd type "www.lushstories.com" you should see a green padlock in the left hand corner. Here's a hint, it should be at the top of your page, near the top of your computer/laptop screen.

That being said... thanks for the laugh... you do know how to make an American girl giggle. kekekegay

Guest
Posted: Monday, August 4, 2014 10:14:28 AM

Rank: Lurker

Joined: 12/1/2006
Posts: 816,696
stephanie wrote:

Does ANYONE know what the Nerdy Fuck is talking about?

I mean, I know we NEED him but Jesus!

JUST ONCE, I would like to read a post by Gav and know WHAT THE FUCK he was talking about!!!

xx SF

Gav: "Fuck You."

Me: "See, THAT I understood..."

He has made the secure as can be seen by the padlock up in the address bar.

When used at a public wifi spot such as Starbucks it's not secure and your info can be stolen by hackers.

If you see a page without the padlock let him know and he will fix it.




I think that's all of it
Adagio
Posted: Monday, August 4, 2014 11:05:35 AM

Rank: Forum Guru

Joined: 1/24/2013
Posts: 2,276
Wat him said dontknow
Lucky_lilDragonfly
Posted: Monday, August 4, 2014 11:45:24 AM

Rank: Blackhawk babe

Joined: 10/12/2013
Posts: 218
Location: WORLD SERIES CHAMPS, CHICAGO CUBBIES!!!!!, United
my address shows its not secure. what should i do?

RejectReality
Posted: Monday, August 4, 2014 12:04:28 PM

Rank: Forum Guru

Joined: 1/29/2012
Posts: 213
Location: Alternate Reality, United States
https://www.lushstories.com/membership/friends-list.aspx
https://www.lushstories.com/gold.aspx

And when I hit reply, I noticed that the post message screen is the same.

Not an unsecured connection, but pages containing resources that aren't secure.

Guest
Posted: Monday, August 4, 2014 2:05:38 PM

Rank: Lurker

Joined: 12/1/2006
Posts: 816,696
adagio_sabadicus wrote:
Wat him said dontknow


FINALLY!!!!!

Myself and my (TALENTED!) fellow-site-member agree on something!

Adagio, THANK YOU for making me laugh, Dear Man!

xx Steph.

sprite
Posted: Monday, August 4, 2014 2:34:34 PM

Rank: Her Royal Spriteness
Moderator

Joined: 6/18/2010
Posts: 20,298
Location: My Tower, Spain
so... believe it or not, i am more clueless than Steph... does this mean we need to create a new password? Embarassed



Love not hate.
VanGogh
Posted: Monday, August 4, 2014 2:37:39 PM

Rank: Sarcastic Coffee Aficionado

Joined: 2/10/2012
Posts: 3,952
Location: Vancouver, Canada
gav wrote:

Note
If anyone finds any page that contains insecure items (where the padlock in your address bar doesn't show its secure) then please let me know. You will be rewarded with a handsome bounty.



Hi Gav

Great update! I have signed on (obviously), and the main page and the forum show the green padlock (which I presume ensures it is safe/secure). On this thread, typing in a reply, the bar shows the padlock not green with a yellow yield icon.

Is that secure?

On my own member page, the padlock with the yellow yield icon is showing. I just tried Buz's page ... still the yellow yield icon. Gav's page (yup, yours) shows a green padlock ....

so .... what does this mean, Guru-Gav?

Van

PS .... I changed my password, and it still is a yellow yield icon over my padlock. crybaby
Guest
Posted: Monday, August 4, 2014 3:13:50 PM

Rank: Lurker

Joined: 12/1/2006
Posts: 816,696
NymphWriter wrote:

That being said... thanks for the laugh... you do know how to make an American girl giggle. kekekegay


I know how to make an American Girl do a LOT of things, Tiny Doll...

xx SF
RejectReality
Posted: Monday, August 4, 2014 3:15:53 PM

Rank: Forum Guru

Joined: 1/29/2012
Posts: 213
Location: Alternate Reality, United States
The reason some profiles are showing the yield icon is probably because they are displaying images linked from outside servers.

Now that I think about it, that's probably the same thing that's happening with the "post reply". I imagine if I tried hard enough, I could find a thread with no external images in the preview, and it would show green. Odds are that someone in the thread has an externally linked image in their sig line that's causing the yield icon.

EDIT: That makes no sense. It would show the yield when viewing the thread in that case. What was I thinking? But anyway, back to my original post.

Doesn't really explain the "friends" page, though. Only thing I can think of there is that some of the avatars are external links, even though that's not common practice in forum software. They're typically copied and stored locally even when taken from an external source *shrug*

Only glanced at the gold page and didn't see anything obvious that would cause it.

MostPreciousLittle
Posted: Monday, August 4, 2014 3:45:50 PM

Rank: MostPreciousLittle

Joined: 11/14/2013
Posts: 9,045
Location: An angel dropped down from heaven
I was using the new feature of trying to change my avatar with a picture already uploaded and I got an error message.

it won't let me pick my picture so I just uploaded the pic I wanted.



Dreamer90
Posted: Monday, August 4, 2014 4:08:53 PM

Rank: Forum Guru

Joined: 12/29/2013
Posts: 364
Location: Stuck in '68, Germany
daddysweetheart wrote:
I was using the new feature of trying to change my avatar with a picture already uploaded and I got an error message.

it won't let me pick my picture so I just uploaded the pic I wanted.



I had the same problem.

gav
Posted: Tuesday, August 5, 2014 12:18:38 AM

Rank: Code Monkey
Moderator

Joined: 12/25/2006
Posts: 1,473
Location: Syd, Australia
Ok all the holes have been plugged, there should be no SSL exclusions except for profile pages with a grooveshark player. I spoke with grooveshark today, they are aware of the issue but couldn't provide a date as to when it might be fixed.

WellMadeMale
Posted: Tuesday, August 5, 2014 1:09:47 AM

Rank: Constant Gardener

Joined: 9/30/2009
Posts: 10,861
Location: Cakeland, United States
gav wrote:
Ok all the holes have been plugged, there should be no SSL exclusions except for profile pages with a grooveshark player. I spoke with grooveshark today, they are aware of the issue but couldn't provide a date as to when it might be fixed.



Solid work, mate! Thanks~

Obscenity is the last refuge of an inarticulate motherfucker.
Callisto
Posted: Tuesday, August 5, 2014 5:44:07 AM

Rank: Rocker of the cocker
Moderator

Joined: 8/23/2010
Posts: 3,583
Location: A secret, United States
daddysweetheart wrote:
I was using the new feature of trying to change my avatar with a picture already uploaded and I got an error message.

it won't let me pick my picture so I just uploaded the pic I wanted.



This is fixed now, can you try again please .
MostPreciousLittle
Posted: Tuesday, August 5, 2014 8:28:11 AM

Rank: MostPreciousLittle

Joined: 11/14/2013
Posts: 9,045
Location: An angel dropped down from heaven
Callisto wrote:


This is fixed now, can you try again please .


let me try it again

BRB



MostPreciousLittle
Posted: Tuesday, August 5, 2014 8:32:23 AM

Rank: MostPreciousLittle

Joined: 11/14/2013
Posts: 9,045
Location: An angel dropped down from heaven
Callisto wrote:


This is fixed now, can you try again please .


it worked.

but I left a comment this morning on a poem, and there's 11 of the same comments from my tablet and I can't delete any of them.



Liz
Posted: Tuesday, August 5, 2014 9:08:31 AM

Rank: Scarlet Seductress
Moderator

Joined: 1/22/2013
Posts: 7,224
Location: In the sweet shop, United Kingdom
daddysweetheart wrote:

it worked.

but I left a comment this morning on a poem, and there's 11 of the same comments from my tablet and I can't delete any of them.


I'm liaising with Gav about getting these cleaned up for you.

Liz



MostPreciousLittle
Posted: Tuesday, August 5, 2014 9:14:53 AM

Rank: MostPreciousLittle

Joined: 11/14/2013
Posts: 9,045
Location: An angel dropped down from heaven
Liz wrote:


I'm liaising with Gav about getting these cleaned up for you.

Liz


can you keep one there though please?

does this qualify as a bug? happy8 flower

thanks Liz!

and Gav



MostPreciousLittle
Posted: Tuesday, August 5, 2014 11:11:00 AM

Rank: MostPreciousLittle

Joined: 11/14/2013
Posts: 9,045
Location: An angel dropped down from heaven
I can't watch or listen to my youtube videos?

awwww



noll
Posted: Tuesday, August 5, 2014 11:49:15 AM

Rank: Ping Kong

Joined: 7/4/2013
Posts: 2,961
Location: Basement
daddysweetheart wrote:
I can't watch or listen to my youtube videos?

awwww


Youtube seems to have some issues lately. Don't think it's Lush-related.

TxPrincess
Posted: Tuesday, August 5, 2014 3:25:04 PM

Rank: The Resident Princess

Joined: 10/6/2012
Posts: 334
Location: The Best Part, United States
gav wrote:
Ok all the holes have been plugged, there should be no SSL exclusions except for profile pages with a grooveshark player. I spoke with grooveshark today, they are aware of the issue but couldn't provide a date as to when it might be fixed.



So do i need to take my grooveshark off my profile page?

gav
Posted: Wednesday, August 6, 2014 3:46:22 PM

Rank: Code Monkey
Moderator

Joined: 12/25/2006
Posts: 1,473
Location: Syd, Australia
TxPrincess wrote:


So do i need to take my grooveshark off my profile page?


The risk is low, I think its safe to leave grooveshark for now. I'll monitor the situation, hopefully they can stream the content securely very soon.

ChuckEPoo
Posted: Wednesday, August 6, 2014 4:08:52 PM

Rank: Chuckanator

Joined: 8/30/2013
Posts: 2,519
Location: Oxnard, United States
Guest
Posted: Wednesday, August 6, 2014 8:20:27 PM

Rank: Lurker

Joined: 12/1/2006
Posts: 816,696
Ironically, this page we're on now is the only one I've run across without the padlock.
Users browsing this topic
Guest 


Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Main Forum RSS : RSS

Powered by Yet Another Forum.net version 1.9.1.6 (NET v4.0) - 11/14/2007
Copyright © 2003-2006 Yet Another Forum.net. All rights reserved.