NOTE! This site uses cookies and similar technologies.

If you not change browser settings, you agree to it.

I understand

Welcome, Guest
Username: Password: Remember me

TOPIC: Please deploy https

Please deploy https 1 year 4 months ago #1

  • jvoisin
  • jvoisin's Avatar
  • Offline
  • Fresh Boarder
  • Posts: 2
  • Karma: 0
openelec.tv and its subdomains are used for a lot of things, from this forum, to udpates. Currently, everything transits in plain text, allowing an attacker (in a MITM position of course, but I'm quite sure that a lot of people are using the forum from untrusted access-points, like hotels, cybercafés, airports, bars, …) to steal passwords, to permanently backdoor every single openelec box, to advertise false news (to conduct social engineering attack, inpersonate users, deliver malwares, … the possibilities are almost endless.

This is why it would be great to enable https on as much domain as possible: it's cheap free and fast.
The administrator has disabled public write access.

Please deploy https 3 months 1 week ago #2

  • yubby
  • yubby's Avatar
  • Offline
  • Junior Boarder
  • Posts: 21
  • Thank you received: 3
  • Karma: 0
Since June 5th (as far as I can tell) the site has been subjected to 'mass spamming' with all the categories being filled with poorly-worded adverts for accountancy and legal consultations.

A better registration process (that can't be bot'd ) and screening may need to be implemented.

AND, a cleanup (removal) of the 1,000+ entries that have been posted... (including 'my mistakes' in responding to several of them).

Thanks !
The administrator has disabled public write access.

Please deploy https 3 months 1 week ago #3

  • yubby
  • yubby's Avatar
  • Offline
  • Junior Boarder
  • Posts: 21
  • Thank you received: 3
  • Karma: 0
OH, yes, and an SSL 'cert'...
The administrator has disabled public write access.

Please deploy https 2 months 1 day ago #4

  • yubby
  • yubby's Avatar
  • Offline
  • Junior Boarder
  • Posts: 21
  • Thank you received: 3
  • Karma: 0
They're baaaaaack....
The administrator has disabled public write access.