Jim Young

Our Site is not Safe - Now you tell me!

Recommended Posts

Little bit of tongue in cheek with the title but I remember a year or two ago when Google told everyone to get the "Green" padlock to show others your site is secure.  It is mandatory or it will be mandatory and, if you don't have this lock, people who go to your site will be warned your site is insecure.  As I recall we had to pay the big bucks to get the green lock.  Now I read half of the sites on the Internet with the green lock are unsafe - https://www.techspot.com/news/77585-half-all-phishing-sites-display-padlock-making-people.html (be careful, it might not be a safe article and site).  Just thought I would pass this bit of information on.  Just because there is a green lock indicating the site you are visiting is secure, it does not mean it is secure.  I don't know what it means.  But AVSIM has one!

Let's hope someone gets their act together.  This is not acceptable!

  • Like 2
  • Upvote 1

Share this post


Link to post
Help AVSIM continue to serve you!
Please donate today!

I also have my sites secured.

15 minutes ago, Jim Young said:

Let's hope someone gets their act together.  This is not acceptable! 

And as You I don't find this.... acceptable.

 

Edited by RamonB

Share this post


Link to post

 

We are the Google, you will be assimilated.

Share this post


Link to post

I got the following from someone using our contact system who was evidently afraid to post his/her comments on AVSIM.  Thought I would share:

"Suck it ( nazijim@suckit.com ) said:

Hey Jim Young, alias ignoramus, instead of posting that stupid word not allowed post about safe sites, and contributing to spread paranoia, why dn’t you use that time to actually READ what it means instead of stating “I don’t know what this means” like the old word not allowed fart you are?

and of course there’s always the brown nose member agreeing with such a stupid comment as “I don’t find this acceptable”, as if it was google or whoever doing this you don’t seem to understand...

the ignorance is staggering, and it is at the same frigthening that wuch technically challenged morons are in charge of such a big site... "

Someone is upset I was simply trying to pass on a warning to our membership (and possibly others in the flight simulation community) to be careful when using the Internet.  Just wanted to correct one of the individual's misconceptions that I'm in charge of AVSIM.  The Board of Directors' manages AVSIM.  The CEO, AVSIM is in charge.  I'm in charge of the forums as the CEO and Board of Directors' put me into this position. 

Share this post


Link to post

Related to Google? Hardly surprised they are most probably angling to screw even more from websites if advertising revenues are falling! I trust Google about as much as................take your pick!

Share this post


Link to post
1 hour ago, Jim Young said:

I got the following from someone using our contact system who was evidently afraid to post his/her comments on AVSIM.  Thought I would share:

"Suck it ( nazijim@suckit.com ) said:

Hey Jim Young, alias ignoramus, instead of posting that stupid word not allowed post about safe sites, and contributing to spread paranoia, why dn’t you use that time to actually READ what it means instead of stating “I don’t know what this means” like the old word not allowed fart you are?

and of course there’s always the brown nose member agreeing with such a stupid comment as “I don’t find this acceptable”, as if it was google or whoever doing this you don’t seem to understand...

the ignorance is staggering, and it is at the same frigthening that wuch technically challenged morons are in charge of such a big site... "

Someone is upset I was simply trying to pass on a warning to our membership (and possibly others in the flight simulation community) to be careful when using the Internet.  Just wanted to correct one of the individual's misconceptions that I'm in charge of AVSIM.  The Board of Directors' manages AVSIM.  The CEO, AVSIM is in charge.  I'm in charge of the forums as the CEO and Board of Directors' put me into this position. 

Quoted poster would benefit from a spell-checker and probably some basic grammar lessons.

Sadly, the education system is failing far too many people but, then again, trolldom ruleZ.

  • Like 1

Share this post


Link to post
14 minutes ago, speedyTC said:

Quoted poster would benefit from a spell-checker and probably some basic grammar lessons.

Sadly, the education system is failing far too many people but, then again, trolldom ruleZ.

The poster needs much more help than spelling / grammar lessons! 

JJ

  • Like 3
  • Upvote 1

Share this post


Link to post
11 minutes ago, speedyTC said:

Quoted poster would benefit from a spell-checker and probably some basic grammar lessons.

Indeed and I always wonder why people would send/post such a vociferous response without actually saying what their beef is.

I think he's refering to the fact that the padlock really only signifies that SSL is being used and a valid certificate is found confirming the site is what it says it is. That doesn't mean amazon-special-offers.com (don't go there) is run by 'The' Amazon we all know and love, just that the owner of that site has applied and paid for a SSL certificate and enabled HTTPS for the site. It doesn't confer any sort of legitimacy other than it's definitely the site you've requested and received with no electronic molestation in between. 

In the purest sense of the word it does mean it's secure, it just doesn't mean it's a safe site or a site that does what it says it does.

As a system it was designed to protect people from having their website requests rerouted to a scam site or having their information stolen during transmission. It was never going to protect people from phishing scams or somehow 'police' websites.

Jim is simply highlighting that that green padlock we've all been told to look out for is now somewhat obsolete as the scammers have found a way round it. It's a constant battle between the two sides (good and evil, criminals and police, hackers and security software, etc etc) and I'm sure there'll be more to come.

A useful heads up, thanks Jim...

  • Like 1

Share this post


Link to post

The 

57 minutes ago, iwebber said:

ndeed and I always wonder why people would send/post such a vociferous response without actually saying what their beef is

Very often there is no real beef.  Society is full of seething,  angry people for any number of reasons which very often comes out in irrational posts like this.  Those are the words of a maladjusted, angry, unhappy person.

  • Like 2
  • Upvote 1

Share this post


Link to post

A truly intelligent and informed person would have at the very least attempted to be an educator and explain things instead of indulging in a profanity laced rant about how stupid Jim is...

This is yet another example of projection, IMHO. :rolleyes:

Share this post


Link to post
32 minutes ago, n4gix said:

This is yet another example of projection, IMHO

Absolutley true. I was thinking as I read that: " Look in the mirror..." 

 

  • Like 1

Share this post


Link to post

Just a heads-up that not all those "Unsecure" sights are nefarious. Many are probably in the same situation as me, with a web site where I just haven't gotten around to doing the certificate thing.

I have a minimum-fee site hosted by Hostgator, and I think the certificate is a freebie with the account. I only use it for hosting image files I want to link on forums like this one, and shared family recipes. Small-time stuff. I just haven't had time, or a strong motivation, to go through whatever steps I need to get certificated (is that a word?).

Anyway, I'll bet a lot of others are in a similar situation. Yeah, we should upgrade, and we'll get around to it eventually. But there is no immediate pressure to do so.

Share this post


Link to post
6 hours ago, Jim Young said:

"Suck it ( nazijim@suckit.com ) said:

If this is your biggest problem with your day then you know what your problem is? You don't have any so you just go around making them. 

ignoramus 😄

Share this post


Link to post
1 hour ago, Paraffin said:

Just a heads-up that not all those "Unsecure" sights are nefarious. Many are probably in the same situation as me, with a web site where I just haven't gotten around to doing the certificate thing.

The article is about everyone having the green lock and does not discuss unsecure sites that do not have the green lock.  Even if the site has a green lock, it does not mean the site has not been duplicated.  Phishing websites duplicate other websites to make you believe the site is authentic.  They then try to steal personal information you may provide.  This is mostly a concern for sites where you buy products using a credit card or other form of payment.  The phishing websites that duplicate others also have the green lock.  The green lock was supposed to avoid issues like this and why AVSIM signed up when it was first announced.

Share this post


Link to post

 

7 hours ago, Jim Young said:

"Suck it ( nazijim@suckit.com ) said:

Hey Jim Young, alias ignoramus, instead of posting that stupid word not allowed post about safe sites, and contributing to spread paranoia, why dn’t you use that time to actually READ what it means instead of stating “I don’t know what this means” like the old word not allowed fart you are?

and of course there’s always the brown nose member agreeing with such a stupid comment as “I don’t find this acceptable”, as if it was google or whoever doing this you don’t seem to understand...

the ignorance is staggering, and it is at the same frigthening that wuch technically challenged morons are in charge of such a big site... "

What is obvious is that Mr. Suck It has a serious personality disorder.

Edited by RamonB

Share this post


Link to post

Safe surfing is just that, safe surfing.  What one must watch out for is mistyping a url, since so many sites get domain names similar to real sites, capitalizing on the fact that people misspell when they type a url.  That can lead one to a site which looks real, acts real, and has fields for personal information that the user inputs--and their information is stolen.  Or the sites install drive by downloads.  I always tell people if they receive a Yes/No prompt or OK/Cancel prompt from a site that they believe suspect and want to leave, click neither lest you run embedded code.  Go to task manager and kill the browser, and when you restart the browser and it asks you to restore the session, do not.  Use Adblock Plus for sites you do not trust, do not block sites you do trust, they will not run right or at all.  Avoid sites that convert youtube files to mp3's or mp4's, most will try to trick you into downloading a malware "download manager" or barrage you with malicious pop-ups.  And never, ever provide personal information such as an SSN, or passport number, or phone number, to an email no matter how legit or threatening it is.  All the things I mention do not take time, make them habit.  I've installed and managed WANS from the late 80's until I retired in 2015, worldwide, and my advice resulted in zero downtime for my employers and clients, and no reformats or reloads of operating systems or loss of data.  When I was a WAN admin for an insurance company I put out a newsletter to all of our employees with these tips and more, since we let them browse the web during their breaks and lunches if they wished.  It was a wise strategy on our part since it kept them close to the workplace and minimized sick time or personal leave.

John

Share this post


Link to post

The "green lock" means that the transmission of data between you and the website is encrypted using a valid and trusted security certificate.  Nothing more.

It certainly does NOT mean that the contents of a given site can be trusted just because of that encrypted connection, and it never has.  Nor does the lack of one mean that a site is questionable, though I would certainly never conduct any business of any sort, or pass along personally identifiable information (including usernames/passwords) on anything other than one using HTTPS with a valid cert.

Scott

Share this post


Link to post

Bottom line, make sure you have a good security system and a hot delete key.  The first protects you and the second dumps idiots.

 

Jim Driskell

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now