Author Topic: Do not any longer ignore certification browser pop-ups and warnings!  (Read 20830 times)

0 Members and 1 Guest are viewing this topic.

Offline TedNelly

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1538
  • Trust No-One!
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #15 on: December 20, 2008, 05:51:45 AM »
With no apology to tednelly whatsoever ...

Would expect absolutely nothing from such a pomp⋅ous forum member, that holds oneself in such high esteem as to not recognize ones own unnecessary sarcastic jibe.

I don't recall asking you for anything, as for an apology I very much doubt it a word you would utter freely?
« Last Edit: December 20, 2008, 05:55:46 AM by tednelly »
Windows 10 Pro | Intel I7 CPU | 16 Gig 2133 RAM | Avast beta 17.5.2295 | Firefox 54 b9(64-bit) | Cyberfox 52.1 | T-Bird 52.1.1 | SpyWareBlaster 5.5 | MalwareBytes 3.0.0.865 | WinPatrol 35.5.2 | GlassWire 1.2.100 | Cybereason Ransomfree 2.2.7 |  Pulla-dePlug Final!

Offline alanrf

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3870
  • Just an avast user
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #16 on: December 20, 2008, 06:04:47 AM »
tednelly,

Allowing for your emotional venting ... I have apologized before in these forums ... but not today and not to you.

BTW what we are seeing in this thread is rather inverted logic.

Quote
So do not take things for granted, and do not trust things at first glance.
Like the report posted by polonus.

I was stating (albeit with some irony - perhaps the difference is not clear to some posters) that I did already take these warning seriously.  Where is the evidence that others do not?  I see none given.   And then we have the subtle change to:

Quote
Also there are many selling sites that sell things without https

Very true ... let the buyer beware  ... but what has that got to do with certificate warning in any way shape or form?

And the continuing obfuscation as a fig leaf to avoid the point I made.  I think most users are already concerned when they see a certificate problem.  This was, from the start, a posting of a report that is an answer looking for a problem.
« Last Edit: December 20, 2008, 06:16:14 AM by alanrf »

Offline TedNelly

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1538
  • Trust No-One!
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #17 on: December 20, 2008, 06:23:40 AM »
 My goodness how emotional of me!
Your comments re Polonus's post were not sarcastic, totally necessary,  Polonus's sole intention as you pointed out, was to have us all heap admiration upon him.
Windows 10 Pro | Intel I7 CPU | 16 Gig 2133 RAM | Avast beta 17.5.2295 | Firefox 54 b9(64-bit) | Cyberfox 52.1 | T-Bird 52.1.1 | SpyWareBlaster 5.5 | MalwareBytes 3.0.0.865 | WinPatrol 35.5.2 | GlassWire 1.2.100 | Cybereason Ransomfree 2.2.7 |  Pulla-dePlug Final!

Offline alanrf

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3870
  • Just an avast user
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #18 on: December 20, 2008, 07:01:41 AM »
tednelly,

now you are getting the hang of it! 

BTW see the PM I just sent you.


Offline alanrf

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3870
  • Just an avast user
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #19 on: December 20, 2008, 09:04:00 AM »
The purpose of this post is an apology to polonus

Following a private discussion tednelly (for which my thanks) has made clear to me that my earlier comments in this thread are, or very close to being, a personal criticism of polonus whose intent in starting this thread was, I know, based solely on helping others in the forum.

My intent was to question the information being posted by polonus - which is legitimate - and not to impugn polonus or the right of polonus to post the information.  For my failure in my wording to be clear in this I must apologize to polonus



   

Hard_ROCKER

  • Guest
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #20 on: December 20, 2008, 09:47:49 AM »
Thnks for the tip on Perspectives Damian ! Nice add-on ! :)

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #21 on: December 20, 2008, 02:09:19 PM »
Thnks for the tip on Perspectives Damian ! Nice add-on ! :)
Really... I've tested it and see no purpose at all... can you share with us some usefulness of it?
The best things in life are free.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #22 on: December 20, 2008, 02:11:41 PM »
The purpose of this post is an apology to polonus

Following a private discussion tednelly (for which my thanks) has made clear to me that my earlier comments in this thread are, or very close to being, a personal criticism of polonus whose intent in starting this thread was, I know, based solely on helping others in the forum.

My intent was to question the information being posted by polonus - which is legitimate - and not to impugn polonus or the right of polonus to post the information.  For my failure in my wording to be clear in this I must apologize to polonus.
Congratulations forum users. This kind of behavior keeps the good atmosphere of the forums, don't you think?
Let me make clear I'm on the same side of Peter, Polonus, Alan ;)
The best things in life are free.

Hard_ROCKER

  • Guest
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #23 on: December 20, 2008, 02:13:16 PM »
http://www.cs.cmu.edu/~perspectives/firefox.html
Quote
The extension provides two primary benefits:

   1. If you connect to a website with an untrusted (e.g.,self-signed certificate)*, Firefox will give you a very nasty security error and force you to manually install an exception. Perspectives can detect whether a self-signed certificate is valid, and automatically overrides the annoying security error page if it is safe to do so.
   2. It is possible that an attacker may trick one of the many Certificate Authorities trusted by Firefox into incorrectly issuing a certificate for a trusted website. Perspectives can also detect this attack and will warn you if things look suspicious.

* The same is true for HTTPS sites with certificates that contain mismatched domain names (e.g., www.gmail.com uses a certificate for mail.google.com) or certificates that are expired.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #24 on: December 20, 2008, 02:22:57 PM »
I'll install it again. Thanks.
Seems that I'm not visiting pages with wrong/expired certificates... ;D
The best things in life are free.

Hard_ROCKER

  • Guest
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #25 on: December 20, 2008, 02:33:43 PM »
Yeah neither do i but every once in a while i do come across a site like that. :)

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #26 on: December 20, 2008, 07:37:12 PM »
Is this only for FF ???
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #27 on: December 20, 2008, 07:46:29 PM »
Is this only for FF ???

Perspectives? I think so...
The best things in life are free.

Offline Abraxas

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 730
  • Perseverance Furthers...
    • PCLinuxOS-Forums
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #28 on: December 23, 2008, 08:49:01 AM »
Nice debate guy's , keep it up  ;)

Hard_ROCKER

  • Guest
Re: Do not any longer ignore certification browser pop-ups and warnings!
« Reply #29 on: December 25, 2008, 01:51:13 AM »
Hello Abraxas, there is an even bigger problem here, nowadays anyone can get a fully legitimate SSL Certificate, thanks to stupid Comodo ...

Read more here: https://blog.startcom.org/?p=145

Quote
In a previous article I reported about Man-In-The-Middle (MITM) attacks and if they really happen. Unfortunately it does happen as some testimonials confirm. Now it’s even easier because in the attack described previously, untrusted certificates from an unknown issuer were used. Want to make the attack perfect with no error and fully trusted certificate? No problem, just head over to one of Comodo’s resellers. ...

Quote
... This prompted me to create another certificate through them, but this time by using a domain name which should never be issued to me. For the purpose of testing, I selected the domain mozilla.com (I’m certain they will forgive me). Five minutes later I was in the possession of a legitimate certificate issued to mozilla.com - no questions asked - no verification checks done - no control validation - no subscriber agreement presented, nothing. ...