FIXED! Have GBAtemp use encryption

  • Thread starter GH0
  • Start date
  • Views 3,136
  • Replies 22
  • Likes 3
G

GH0

Well-Known Member
OP
Member
Level 3
Joined
Dec 26, 2008
Messages
101
Trophies
1
XP
288
Country
United States
Is there any reason that gbatemp does not use any form of encryption (from what I can see, it isn't used during the login process either).

If I could, could I request that ssl/tls/whatever encryption start being used on this site? There really shouldn't be any reason why it can't be enabled. It is definitely possible for a site and forum such as this one.
 
  • Like
Reactions: Deleted_171835, Vipera and pelago
Upvote 0 Downvote
The Real Jdbye

The Real Jdbye

*is birb*
Member
Level 23
Joined
Mar 17, 2010
Messages
23,254
Trophies
4
Location
Space
XP
13,809
Country
Norway
GH0 said:
Is there any reason that gbatemp does not use any form of encryption (from what I can see, it isn't used during the login process either).

If I could, could I request that ssl/tls/whatever encryption start being used on this site? There really shouldn't be any reason why it can't be enabled. It is definitely possible for a site and forum such as this one.
Click to expand...
I agree. Not like my GBAtemp account has any private information stored on it, but there's no reason to not enable SSL these days when you can get a valid SSL certificate for free.

Cartmanuk said:
Well GBAtemp was hacked awhile back so I believe it is secure now.
Click to expand...
Your post is contradictory and makes no sense.
 
  • Like
Reactions: pelago
DinohScene

DinohScene

Gay twink catboy
Global Moderator
Level 29
Joined
Oct 11, 2011
Messages
22,530
Trophies
4
Location
Восторг
XP
22,724
Country
Antarctica
Don't give out personal information on the web.
Don't post personal information on the web.
Don't keep personal information in places where others can reach it.

If you don't trust a site, then don't register.
Simple as that.
 
FAST6191

FAST6191

Techromancer
Editorial Team
Level 33
Joined
Nov 21, 2005
Messages
36,798
Trophies
3
XP
28,321
Country
United Kingdom
The issue was considered before, I will try to find the thread in which it was discussed. The net result though was it was felt the increase in server load would not be worth the gains, which are pretty minimal in a site like this.
 
migles

migles

All my gbatemp friends are now mods, except for me
Member
Level 15
Joined
Sep 19, 2013
Messages
8,033
Trophies
0
Location
Earth-chan
XP
5,299
Country
China
guests and everyone with an account can see the posts, what needs to be "secured"?

login? use a random generated password (i just pressed "forgot password" button and got one generated)
save it in the browser container (most secure place in the internet! :sarcasm: ) and there ya go
someone stealed the account? what is in the account anyone can use?
 
X

xxNathanxx

Well-Known Member
Member
Level 4
Joined
Oct 28, 2011
Messages
403
Trophies
1
XP
533
Country
New Caledonia
DinohScene said:
Don't give out personal information on the web.
Don't post personal information on the web.
Don't keep personal information in places where others can reach it.

If you don't trust a site, then don't register.
Simple as that.
Click to expand...
That has nothing to do with SSL. Please don't reply if you don't know what you are talking about.

migles said:
guests and everyone with an account can see the posts, what needs to be "secured"?

login? use a random generated password (i just pressed "forgot password" button and got one generated)
save it in the browser container (most secure place in the internet! :sarcasm: ) and there ya go
someone stealed the account? what is in the account anyone can use?
Click to expand...
You too. Yes, you should use 'random'ly generated passwords, but I'd imagine not many people here (or anywhere) do that consistently.

FAST6191 said:
The issue was considered before, I will try to find the thread in which it was discussed. The net result though was it was felt the increase in server load would not be worth the gains, which are pretty minimal in a site like this.
Click to expand...
Is the increase in load that noticeable? If so I would suggest using it only for login and such, so no passwords can be stolen. Still, it would be nice to have the site fully encrypted.
 
  • Like
Reactions: Deleted_171835
FAST6191

FAST6191

Techromancer
Editorial Team
Level 33
Joined
Nov 21, 2005
Messages
36,798
Trophies
3
XP
28,321
Country
United Kingdom
There is a noticeable overhead (in terms of CPU and memory you can see it clearly enough in a task manager, though it is not a problem here if you couple that with some less than great IO performance like from a shared host then it is even more fun), especially if we have a lot of guests on the forum. Granted at the last time this was considered the servers were being pushed quite hard (Costello and tj_cool were always trying to optimise things at that point) as were those handling the server itself. Things are a tiny bit more relaxed these days but whether they will think it worth the effort I am not sure.

I may well be talking out of my arse and will have to research the protocol but there is also the facebook login option, I imagine that is secured enough for those that wish for such things for the login side of things.

On the other hand if google is really bumping up sites with SSL in the rankings it might be worth considering, especially as certs are now at money you can afford to lose territory.
 
X

xxNathanxx

Well-Known Member
Member
Level 4
Joined
Oct 28, 2011
Messages
403
Trophies
1
XP
533
Country
New Caledonia
FAST6191 said:
There is a noticeable overhead (in terms of CPU and memory you can see it clearly enough in a task manager, though it is not a problem here if you couple that with some less than great IO performance like from a shared host then it is even more fun), especially if we have a lot of guests on the forum. Granted at the last time this was considered the servers were being pushed quite hard (Costello and tj_cool were always trying to optimise things at that point) as were those handling the server itself. Things are a tiny bit more relaxed these days but whether they will think it worth the effort I am not sure.

I may well be talking out of my arse and will have to research the protocol but there is also the facebook login option, I imagine that is secured enough for those that wish for such things for the login side of things.

On the other hand if google is really bumping up sites with SSL in the rankings it might be worth considering, especially as certs are now at money you can afford to lose territory.
Click to expand...
Alright.

If you should go for sitewide SSL, you could always choose to self sign (so it would be free) and just ask people to accept your certificate if they want a secure connection to the site. Of course that has downsides as well, but you could give it a try and if the demand is high enough you could get a paid certificate from a fancy CA that is for some reason accepted by default by most browsers.

As for the Facebook login option, I'd imagine the 'asking for SSL' and the 'logging in through Facebook' groups are mutually exclusive.
 
FAST6191

FAST6191

Techromancer
Editorial Team
Level 33
Joined
Nov 21, 2005
Messages
36,798
Trophies
3
XP
28,321
Country
United Kingdom
The facebook thing was more a means to an end (a way of having a secure login rather than a means to have a facebook version of remember my password).

As for self signing I would not suggest it for this site, most modern browsers will freak out when they encounter them and most people do not want to read the errors. If it is a choice between having people get out of sites when errors pop up and having people learn to ignore them (I would love people to read and understand errors but we are not in magic fairy land) I am going with just get out. A nice example might be when we link up C3 each year (they use a self signed cert) and we typically get comments on it. I would have thought those interesting in C3 would be a fairly self selected group that is versed in basic security, if it happens there then those just wanting to read a guide on their new flash cart...
 
Monty Kensicle

Monty Kensicle

Yay!
Member
Level 6
Joined
Aug 4, 2008
Messages
1,234
Trophies
1
Location
Commonwealth of Virginia
Website
www.facebook.com
XP
784
Country
United States
DinohScene said:
Don't give out personal information on the web.
Don't post personal information on the web.
Don't keep personal information in places where others can reach it.

If you don't trust a site, then don't register.
Simple as that.
Click to expand...
But some days when your're desperate to find a file, you just have to register on the Russian web forum with the dubious file download links.

That's why I use fake information with a dummy e-mail and virus scan everything I download.
 
DinohScene

DinohScene

Gay twink catboy
Global Moderator
Level 29
Joined
Oct 11, 2011
Messages
22,530
Trophies
4
Location
Восторг
XP
22,724
Country
Antarctica
Monty Kensicle said:
But some days when your're desperate to find a file, you just have to register on the Russian web forum with the dubious file download links.

That's why I use fake information with a dummy e-mail and virus scan everything I download.
Click to expand...

Long live mailinator or onewaymail.
 

Site & Scene News

Go to forum More news

Popular threads in this forum

What's up with the anti-adblock popup

Add a Dislike Button

My Final Thoughts: The Perils of Unleashing AI Without Proper Consideration

iOS weirdness...

GBATemp and AI Chatbots

Feedback  Please fix spam posts still showing up in the recent content box for blogs.

General chit-chat
Help Users
  • SylverReZ @ SylverReZ:
    Had a ton of bugs and often crashed. It even didn't support DOS compatibility with older games. :feelsbadman:
  • SylverReZ @ SylverReZ:
    I only grew up with Windows XP because I was lucky.
  • RedColoredStars @ RedColoredStars:
    I downloaded XP on dialup when it came out. Overnights for like a week. cuz I couldn't tie up the phone line during the day. It was so awesome and worked so great going from ME to XP.
  • K3Nv2 @ K3Nv2:
    Vga pins were a dick
  • K3Nv2 @ K3Nv2:
    I kind of want down a large pizza at 10am then crash out
  • ZeroT21 @ ZeroT21:
    Having pizza all day? done it
  • K3Nv2 @ K3Nv2:
    Nah pizza hut open at 10:30
  • ZeroT21 @ ZeroT21:
    just buy a stack of pizza and keep the rest you don't need yet frozen
  • K3Nv2 @ K3Nv2:
    Or buy frozen pizza
  • ZeroT21 @ ZeroT21:
    I buy the regular kind, not the frozen stuff
  • ZeroT21 @ ZeroT21:
    supermarket pizza is ass
  • K3Nv2 @ K3Nv2:
    x65 would just yell at me
  • ZeroT21 @ ZeroT21:
    sounds ok, he didn't pull a gun out ,so...
  • K3Nv2 @ K3Nv2:
    $12 large any style pizza deal
  • K3Nv2 @ K3Nv2:
    Each bite is a $1 well spent
  • SylverReZ @ SylverReZ:
    @ZeroT21, Agreed. I hate oven pizza, only from pizza place.
     +1
  • K3Nv2 @ K3Nv2:
    Nah I can still go for totinos
  • RedColoredStars @ RedColoredStars:
    i like totinos party pizzas. lol.
  • RedColoredStars @ RedColoredStars:
    the cracker-like crust is great on those
  • RedColoredStars @ RedColoredStars:
    My neighbor and I are going to make this next month....
  • RedColoredStars @ RedColoredStars:
    https://allfood.recipes/pizza-burger-pie/
  • SylverReZ @ SylverReZ:
    Tiger crust is great.
  • K3Nv2 @ K3Nv2:
    I'm beefing with a neighbor currently each time I ask him for help with something he makes bs excuses then ignores my calls text but seems to randomly speak when I'm done with the project after doing things to help him
  • RedColoredStars @ RedColoredStars:
    DiGiorno Crispy Pan Pizza tasted pretty dang close to Pizza hut pan pizza, but Im not sure if theyve been discontinued or not. Havent seen them locally for a couple of months now.
  • RedColoredStars @ RedColoredStars:
    The croissant crust is still available though, but not quite as good imo.
    RedColoredStars @ RedColoredStars: The croissant crust is still available though, but not quite as good imo.