Jump to content

Forum Security Warning.


Bill

Recommended Posts

Nobody ever looks right down at the bottom of the topics so I'm reposting it here.

Observer wrote that like me, he's getting warnings that the site is not safe. 

If you're reading this then you've chosen to ignore the warning. 

This is not good.

 

Bill 

Link to comment
Share on other sites

  • Bill changed the title to Forum Security Warning.

Well I am still seeing a warning, and it may be putting people off.

[Don't bother with the rest of this unless you speak techie]

I am using Edge Version 87.0.664.55 (Official build) (64-bit) or as we call it Edgium because it is derived from the open source Chromium.org open source browser which is not the same as Google Chrome , on Windows 10 1903.

"This server couldn't prove that it's forum.warrington-worldwide.co.uk; its security certificate is from *.cloudfront.net. This may be caused by a misconfiguration or an attacker intercepting your connection."

I can look at the certificate and it is clearly the wrong one. However this is not really a security problem unless you do not trust your ISP. Importantly this problem occurs on multiple ISPs so it has to be a problem way upstream towards the server. The purpose of the certificate is to prove the identity of the content and then to allow the negotiation of a pair of encryption keys to be used by the server and your computer to keep the content secure and unchanged in transit. New browsers like this one have started to say not secure on any connection that is not secured by encryption because theoretically an intermediary could steal traffic on its way to you and route it via their computer and observe valuable information. An easier way is to site a sniffer at an intermediate ethernet switches and copy the packets. By now you will have realised that the average criminal has little to gain from finding out your password to this forum which most of you will not even enter most times because it is updated on a cookie which gets renewed automatically when it expires.

The use of https or as it used to be known Transport Level Security (TLS) does absolutely nothing to protect you from viruses which are carried encrypted straight to you and are undetectable by a middle box because they are enciphered in the https stream.

So the use of Occam's razor tells us that it is probably a misconfiguration. Since it can  only misconfigured by someone with the appropriate access rights and it is pretty clear that Gary didn't do it them we fall to it being utter incompetence by the staff at the server end, i.e. content. invisioncic.com that is Invision Community, the suppliers of the service. 

The actual faulty certificate is from cloudfront which is owned by Amazon and operates the Amazon Content Delivery Network. It is not then a co-incidence that the four IP addresses returned as pointing to the Invision servers at r259902.tryinvision.com, for which forum.warrington-worldwide.co.uk is an alias in the DNS, are hosted by AMAZO-CF. 

 

 

  • Upvote 1
Link to comment
Share on other sites

On 12/5/2020 at 9:57 PM, Confused52 said:

Well I am still seeing a warning, and it may be putting people off.

[Don't bother with the rest of this unless you speak techie]

I am using Edge Version 87.0.664.55 (Official build) (64-bit) or as we call it Edgium because it is derived from the open source Chromium.org open source browser which is not the same as Google Chrome , on Windows 10 1903.

"This server couldn't prove that it's forum.warrington-worldwide.co.uk; its security certificate is from *.cloudfront.net. This may be caused by a misconfiguration or an attacker intercepting your connection."

I can look at the certificate and it is clearly the wrong one. However this is not really a security problem unless you do not trust your ISP. Importantly this problem occurs on multiple ISPs so it has to be a problem way upstream towards the server. The purpose of the certificate is to prove the identity of the content and then to allow the negotiation of a pair of encryption keys to be used by the server and your computer to keep the content secure and unchanged in transit. New browsers like this one have started to say not secure on any connection that is not secured by encryption because theoretically an intermediary could steal traffic on its way to you and route it via their computer and observe valuable information. An easier way is to site a sniffer at an intermediate ethernet switches and copy the packets. By now you will have realised that the average criminal has little to gain from finding out your password to this forum which most of you will not even enter most times because it is updated on a cookie which gets renewed automatically when it expires.

The use of https or as it used to be known Transport Level Security (TLS) does absolutely nothing to protect you from viruses which are carried encrypted straight to you and are undetectable by a middle box because they are enciphered in the https stream.

So the use of Occam's razor tells us that it is probably a misconfiguration. Since it can  only misconfigured by someone with the appropriate access rights and it is pretty clear that Gary didn't do it them we fall to it being utter incompetence by the staff at the server end, i.e. content. invisioncic.com that is Invision Community, the suppliers of the service. 

The actual faulty certificate is from cloudfront which is owned by Amazon and operates the Amazon Content Delivery Network. It is not then a co-incidence that the four IP addresses returned as pointing to the Invision servers at r259902.tryinvision.com, for which forum.warrington-worldwide.co.uk is an alias in the DNS, are hosted by AMAZO-CF. 

 

 

Thanks - I don't pretend to understand much of that - but I will pass on to the powers that be. Thank you for trying t o explain in layman's terms.

best wishes

Gary

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...