(RESOLVED) Will it ever be implemented? HTTPS
Discussion
Funnily enough during my network security lab, we were learning about stealing cookies using wireshark and the website on the lab sheet was PistonHeads! This got me thinking as to why a relatively simple yet essential feature hasn't been implemented to date. Is it something that perhaps the IT team would deem useful as it certainly is in my eyes
anonymous said:
[redacted]
Totally agree with you. In fact I was able to retrieve the failed log in attempts of others in the lab and could clearly see the username and password they entered! If they're unwilling to do anything about it they should at least make users aware about the dangers. thebraketester said:
Just to bring this thread to a close.
OP. The answer is, NO.
•**TOPIC CLOSED**•
Thank you my good sir, although I did not see any reason for why you must shout no.OP. The answer is, NO.
•**TOPIC CLOSED**•
All that jazz said:
Yes it's one of those stty arrangements where you have to be logged in to view anything. I just don't even bother with such sites.
Agreed!eliot said:
Just followed in from the thread in the Lounge.
Lack of SSL is really poor form - the spooks vacuum up ALL internet traffic by default and extract out useful plain text information such as these passwords, as they know they can re-use them elsewhere.
https://en.wikipedia.org/wiki/XKeyscore
SSL won't stop them if they really want your password(s) unfortunately https://blog.cryptographyengineering.com/2013/12/0...Lack of SSL is really poor form - the spooks vacuum up ALL internet traffic by default and extract out useful plain text information such as these passwords, as they know they can re-use them elsewhere.
https://en.wikipedia.org/wiki/XKeyscore
Gassing Station | Website Feedback | Top of Page | What's New | My Stuff