Major site security concerns (Full Version)

All Forums >> [Casual Banter] >> Off the Grid



Message

furneaux -> Major site security concerns (1/22/2016 4:39:28 AM)

There are major security issues with this site

1. No SSL at all... no secure login, all done in the clear. Logins should be secured.

2. The entire site is visible to Google! So all profiles are searchable, including via image search, which is a serious privacy issue!

This needs resolving asap. I have raised it with the site operator and I recommend other users do the same.



freedomdwarf1 -> RE: Major site security concerns (1/22/2016 4:48:14 AM)

I use many sites that do not have a secure login and searchable by any search engine you care to use.

I don't consider that a 'serious' issue.
Like anywhere else, secure or otherwise, just use your common sense.
Don't post anything you wouldn't want your grandma or neighbour to see.
Don't do anything on here you wouldn't do on any other unsecure site.

Don't like it?? Ask for a refund and don't use it; go elsewhere. Simples! [:)]



furneaux -> RE: Major site security concerns (1/22/2016 5:49:11 AM)

I think you fail to understand security and privacy. There is no need for either of these issues to exist. The site can be easily hidden from Google with little effort and to allow such easy compromisation of logins is idiotic.

You may not consider it serious. Many others probably assume that their personal and private information isn't available to non-members.



MsLadySue -> RE: Major site security concerns (1/22/2016 6:01:22 AM)

I have been here for 12 years and have not had a problem. I seriously doubt what we do here matters to anyone outside of the site. Personally, I will worry about things that really matter, as this sure as hell isn't one of them.



furneaux -> RE: Major site security concerns (1/22/2016 6:09:44 AM)

Sue - you miss the point.

SSL guards against sniffing, and it has another advantage you might not be aware of: SSL allows you be sure the entity receiving your passwords and other details is who you think it is. It helps to prevent man in the middle attacks (something not around 12 years ago, but now commonplace). It makes passwords easy to steal and as vast numbers of people re-use passwords, it makes other sites easy to then hack.

If say you were victim of DNS poisoning where someone redirects you to a malicious site which looks exactly like the legitimate website, you would have no way of knowing. With SSL you would get a warning/error that the site does not have a valid certificate which would alert you that all is not as it should be.

Security is no longer optional. It's a necessity. Ignoring it is foolish.



MsLadySue -> RE: Major site security concerns (1/22/2016 6:21:07 AM)

My computer's virus protection is set up NOT to allow redirection when logging in to any site.



furneaux -> RE: Major site security concerns (1/22/2016 6:49:10 AM)

Your antivirus cannot defend against MITM or MITB attacks.



CodeOfSilence -> RE: Major site security concerns (1/22/2016 7:10:24 AM)

I suspect that this site is under some sort of MITM attack or DDOS. As sustained as it is I'd guess someone is picking up packets.
Peeps might get rekked, yes.



tj444 -> RE: Major site security concerns (1/22/2016 9:15:50 AM)

well,.. I use Tor for this site especially as some places have a restriction on this site due to the adult content.. Tor is the only way i can access this site at the library.. and on other browsers i use Startpage (which is like duck duck go) so its not tracked.. but then I dont have any info on this site that can be compromised anyway in any meaningful way..



stef -> RE: Major site security concerns (1/22/2016 9:53:45 AM)


quote:

ORIGINAL: furneaux

This needs resolving asap. I have raised it with the site operator and I recommend other users do the same.

Did you stamp your feet and vigorously shake your fist while sending that email? You're guaranteed to get a quicker response if you did.



WickedsDesire -> RE: Major site security concerns (1/22/2016 10:20:57 AM)

Site operators – boaster. I have heard them mythical beings who live at the end of the rainbow snorting pixie dust.
Start your own site as frankly I lost the will to many epochs ago.

What you say is slightly true.

1. Yes. But all websites are hacked sooner not later and billion of accounts.
2. via image search hmm all images are searchable no matter the site. You merely download the image and search away till yer wee heart is content. Doing so requires 4, or is it 3, clicks and a drag as opposed to standard right click. But if you use tor I don’t think you can do that, or can you – probably if you enable flash or something



susie -> RE: Major site security concerns (1/22/2016 11:42:26 AM)


quote:

ORIGINAL: MsLadySue

I have been here for 12 years and have not had a problem. I seriously doubt what we do here matters to anyone outside of the site. Personally, I will worry about things that really matter, as this sure as hell isn't one of them.


Yep I guess I should have spent the last 12 years worrying about all the problems I have had, oh wait I have not had any.



crumpets -> RE: Major site security concerns (1/22/2016 11:24:19 PM)

This thread probably belongs more in the "perv-to-perv" section than in General BDSM.

I agree with the OP, and, no, it's not a sock of mine.
I also agree with tj444, and no, it's not a sock of mine either.

No other similar web site would be caught dead without ssl encryption.
And, logging in outside of Tor or at the very least, VPN, is kind'a crazy.

Personally, I think the site is ripe for someone to hack it, because if this basic stuff is lacking, the actual harder stuff is almost certainly lacking.
What this means is that ALL your data is subject to being published on the web, and, for many people, that's no big deal.

I wouldn't want ti for me though, and I'm pretty sure I'm not the only one who wouldn't want all their CS mails published on the web, including contact information, phone numbers, pictures, etc.




MrRodgers -> RE: Major site security concerns (1/23/2016 12:46:45 AM)

Two things, I don't give fuck what they get from my profile or meanderings here. Two, to what end does any possible hacker, hack into a site like this. We have to represent one of the most narrow markets on the web, so it seems to me, it would be a lot of time spent...for nothing.



ResidentSadist -> RE: No site security concerns in real life (1/23/2016 2:16:53 AM)

Dear furneaux...

SSL is for transmitting secure data. I didn't see anyplace to enter secure data on this website like charge card info, your home address, your Soc Sec # or even your real name... did you?

The Google listings are why you found this public information site in the first place... it is vital to the site search engine rankings which creates traffic. Traffic is what gives value to the advertisers that pay to keep this site a free service to its members.

There is no private data on this server at all... not in profiles or anywhere. You have to violate the TOS to put contact info in your profile.

Even if a hacker pulled the database, the most they could get is your outside email address... what is a hacker gonna' do, spam you with email?

Your Public Service warning is foolish and demonstrates your lack of knowledge. You can shut up now.



DocStrange -> RE: No site security concerns in real life (1/23/2016 10:55:54 AM)

[sm=cheering.gif]Applause[sm=cheering.gif]



furneaux -> RE: No site security concerns in real life (1/23/2016 12:17:33 PM)

Crumpets: Spot on. Exactly my point

ResidentSadist: Better to stay quiet and be thought a fool than to speak and confirm the suspicion.



DocStrange -> RE: No site security concerns in real life (1/23/2016 3:47:32 PM)

This site has no sensitive information. Their email is internal. The person's name and physical address does not exist. The site does not sell anything so no credit card numbers or sensitive account information exists. At best, the only thing a hack is going to do is get your real email address. And so what if they get that? And most use their yahoo and gmail accounts anyways. Nothing. SSL is only needed when sensitive information is being sent over the internet. There is none for this website.

The is simple fear mongering. Many free websites do not have SSL or HTTPs. Why? because it is not needed if the site does not contain or transmit sensitive information of have monetary transactions.



ResidentSadist -> RE: No site security concerns in real life (1/23/2016 3:51:19 PM)

quote:

ORIGINAL: furneaux

Crumpets: Spot on. Exactly my point

ResidentSadist: Better to stay quiet and be thought a fool than to speak and confirm the suspicion.


When you don't really know shit about a topic, it is better to ask a question of the people who do know. Like, "are there any security issues? I am worried because the site shows up in Google." You would have been received in an entirely different way.

Instead, you pronounce a warning statement pretending to know what you are saying, "there are major security issues with this site!" When in fact there aren't any issues. So now you look like fool that runs around talking about shit they don't have the first clue about, just so you can get attention. We call that a "professional victim" in my neighborhood.

You told FreedomDwarf, "Many others probably assume that their personal and private information isn't available to non-members." How could you join this site, ignore all the TOS warnings about posting personal contact information and then come here talking about security issues? You don't really know anything about this site's rules or how web server security and search engine rankings work at all do you? Did you really think coming here and showing us all that you spout off at the mouth about things you don't know shit was a good way to spend your very first posts?

Your future posts and proclamations are tainted by our knowledge that you are a "professional victim" talking about that which you know nothing... and that you don't use the search feature which would have served you well to view the hundreds of other "chicken little" sky is falling threads about security posted by other fools.

So far, your presence and posts here have been a waste of readers time and your misinformation has earned you the status of ignore with me if not many others. Good luck with your future Public Service Announcements.



furneaux -> RE: No site security concerns in real life (1/23/2016 3:59:05 PM)

Oh bless ya. Off you go now. Nurse will be with you soon. Look up Dunning Kruger....



Page: [1] 2 3 4 5   next >   >>

Valid CSS!




Collarchat.com © 2025
Terms of Service Privacy Policy Spam Policy
0.03125