Bill Posted December 3, 2020 Report Share Posted December 3, 2020 Nobody ever looks right down at the bottom of the topics so I'm reposting it here. Observer wrote that like me, he's getting warnings that the site is not safe. If you're reading this then you've chosen to ignore the warning. This is not good. Bill Quote Link to comment Share on other sites More sharing options...
Davy51 Posted December 4, 2020 Report Share Posted December 4, 2020 I have been going round in circles for a couple of days ,wondering if it was a hoax or whether i really had been hijacked to Cuba. I finally clicked the bottom line of the message. 1 Quote Link to comment Share on other sites More sharing options...
Evil Sid Posted December 5, 2020 Report Share Posted December 5, 2020 had to go through four different browsers before i figured out how to get back in finally managed to bypass the lockout using firefox. Chrome,Opera and Explorer just gave me the message, "computer say ..no". Quote Link to comment Share on other sites More sharing options...
Gary Posted December 5, 2020 Report Share Posted December 5, 2020 Whatever was causing the issue appears to have now been fixed - apologies for the inconvenience - I ignored the warning to get back on and don't appear to have picked up any nasty bugs. 1 Quote Link to comment Share on other sites More sharing options...
Confused52 Posted December 5, 2020 Report Share Posted December 5, 2020 Well I am still seeing a warning, and it may be putting people off. [Don't bother with the rest of this unless you speak techie] I am using Edge Version 87.0.664.55 (Official build) (64-bit) or as we call it Edgium because it is derived from the open source Chromium.org open source browser which is not the same as Google Chrome , on Windows 10 1903. "This server couldn't prove that it's forum.warrington-worldwide.co.uk; its security certificate is from *.cloudfront.net. This may be caused by a misconfiguration or an attacker intercepting your connection." I can look at the certificate and it is clearly the wrong one. However this is not really a security problem unless you do not trust your ISP. Importantly this problem occurs on multiple ISPs so it has to be a problem way upstream towards the server. The purpose of the certificate is to prove the identity of the content and then to allow the negotiation of a pair of encryption keys to be used by the server and your computer to keep the content secure and unchanged in transit. New browsers like this one have started to say not secure on any connection that is not secured by encryption because theoretically an intermediary could steal traffic on its way to you and route it via their computer and observe valuable information. An easier way is to site a sniffer at an intermediate ethernet switches and copy the packets. By now you will have realised that the average criminal has little to gain from finding out your password to this forum which most of you will not even enter most times because it is updated on a cookie which gets renewed automatically when it expires. The use of https or as it used to be known Transport Level Security (TLS) does absolutely nothing to protect you from viruses which are carried encrypted straight to you and are undetectable by a middle box because they are enciphered in the https stream. So the use of Occam's razor tells us that it is probably a misconfiguration. Since it can only misconfigured by someone with the appropriate access rights and it is pretty clear that Gary didn't do it them we fall to it being utter incompetence by the staff at the server end, i.e. content. invisioncic.com that is Invision Community, the suppliers of the service. The actual faulty certificate is from cloudfront which is owned by Amazon and operates the Amazon Content Delivery Network. It is not then a co-incidence that the four IP addresses returned as pointing to the Invision servers at r259902.tryinvision.com, for which forum.warrington-worldwide.co.uk is an alias in the DNS, are hosted by AMAZO-CF. 1 Quote Link to comment Share on other sites More sharing options...
Gary Posted December 8, 2020 Report Share Posted December 8, 2020 On 12/5/2020 at 9:57 PM, Confused52 said: Well I am still seeing a warning, and it may be putting people off. [Don't bother with the rest of this unless you speak techie] I am using Edge Version 87.0.664.55 (Official build) (64-bit) or as we call it Edgium because it is derived from the open source Chromium.org open source browser which is not the same as Google Chrome , on Windows 10 1903. "This server couldn't prove that it's forum.warrington-worldwide.co.uk; its security certificate is from *.cloudfront.net. This may be caused by a misconfiguration or an attacker intercepting your connection." I can look at the certificate and it is clearly the wrong one. However this is not really a security problem unless you do not trust your ISP. Importantly this problem occurs on multiple ISPs so it has to be a problem way upstream towards the server. The purpose of the certificate is to prove the identity of the content and then to allow the negotiation of a pair of encryption keys to be used by the server and your computer to keep the content secure and unchanged in transit. New browsers like this one have started to say not secure on any connection that is not secured by encryption because theoretically an intermediary could steal traffic on its way to you and route it via their computer and observe valuable information. An easier way is to site a sniffer at an intermediate ethernet switches and copy the packets. By now you will have realised that the average criminal has little to gain from finding out your password to this forum which most of you will not even enter most times because it is updated on a cookie which gets renewed automatically when it expires. The use of https or as it used to be known Transport Level Security (TLS) does absolutely nothing to protect you from viruses which are carried encrypted straight to you and are undetectable by a middle box because they are enciphered in the https stream. So the use of Occam's razor tells us that it is probably a misconfiguration. Since it can only misconfigured by someone with the appropriate access rights and it is pretty clear that Gary didn't do it them we fall to it being utter incompetence by the staff at the server end, i.e. content. invisioncic.com that is Invision Community, the suppliers of the service. The actual faulty certificate is from cloudfront which is owned by Amazon and operates the Amazon Content Delivery Network. It is not then a co-incidence that the four IP addresses returned as pointing to the Invision servers at r259902.tryinvision.com, for which forum.warrington-worldwide.co.uk is an alias in the DNS, are hosted by AMAZO-CF. Thanks - I don't pretend to understand much of that - but I will pass on to the powers that be. Thank you for trying t o explain in layman's terms. best wishes Gary Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.