This is where you can remind us how much the software sucks and how dead the community is.


[Return]
Posting mode: Reply
Name
Email
Subject   (reply to 6809)
Message
BB Code
File
File URL
Embed   Help
Password  (for post and file deletion)
  • Supported file types are: ASS, BMP, CSS, FLAC, GIF, JPEG, JPG, MP3, OGG, PDF, PNG, PSD, RAR, SWF, TORRENT, TXT, WEBM, ZIP
  • Maximum file size allowed is 10000 KB.
  • Images greater than 260x260 pixels will be thumbnailed.
  • Currently 1625 unique user posts.
  • board catalog

File 162442180337.jpg - (11.02KB , 235x237 , fqsidgs.jpg )
6809 No. 6809 [Edit]
Connection to tohno-chan.com is insecure.
Https:// does nothing to help.

Can this be amended?
Expand all images
>> No. 6810 [Edit]
Disagree.
http://n-gate.com/software/
>> No. 6811 [Edit]
I agree.
>> No. 6859 [Edit]
File 165931357733.jpg - (16.26KB , 320x240 , wiggle.jpg )
6859
Tohno get us a Let's Encrypt certificate, it's literally free and very easy to set up.
>> No. 6860 [Edit]
>>6859
kusaba doesn't like it.
>> No. 6861 [Edit]
>>6860
Kusaba shouldn't care, the http server (apache or nginx) is the one that handles the connection though? That said, there's no point in adding https and it's going to break compatibility with older devices. Let this place be one of the few remaining legacies of the old web.
>> No. 6888 [Edit]
>>6810
Many of the arguments made on both that website and the one it's referencing that's pro HTTPS everywhere are asinine and biased. It really doesn't have to be so black and white like this.
HTTP has a place in keeping websites accessible by legacy hardware and operating systems and is super important.
That said any website that has any potential for a security threat to me by not having HTTPS, for example by having an attacker inject a script through an insecure network, should at least serve the website in both HTTP and HTTPS. I should have a real choice as a user even when it makes sense for the default to be HTTP.
It's not reasonable, as that website suggests, to tell me to overthrow my whole country or revolutionize my society such that I ensure no one takes advantage of my connection when there is a simple and clear solution to prevent this specific issue. And nobody has a reasonably secure connection in the way suggested these days, all ISPs are untrustworthy, all governments are untrustworthy. I can't reasonably protect myself from those entities like that.
I'd love if everyone was kind and trustworthy but many people simply aren't. And I shouldn't have to be Stallman tier to access computing infrastructure reasonably safely either.
With that said, Kusaba, please give me as a user the option to interact with this website in a way I consider secure. HTTP should still be an option too.
>> No. 6889 [Edit]
>>6888
If that's an issue you can always tunnel your traffic over a secure channel.
>please give me as a user the option to interact with this website in a way I consider secure
You do have this option, as mentioned above. Sure it wouldn't hurt if TC _also_ offered an https option, but given the complexity of adding and maintaining this on their end especially given aging software, it's far easier for you take matters into your own hands if this is an issue that affects you.
>> No. 6916 [Edit]
>>6889
>If that's an issue you can always tunnel your traffic over a secure channel.
Show me a secure channel.
>> No. 6917 [Edit]
is tor blocked?
>> No. 6941 [Edit]
My main problem with the site being http is that there is all this C P spam on imageboards, and if it gets posted here, my ISP may see the images and I may possibly get in trouble.
>> No. 6943 [Edit]
They could allow tor, but limit bandwidth to check spammers. They could leave the download bandwidth be, but throttle upload. Maybe. These bastards can just spam a hell lot of text messages with links to their bullcrap. Maybe they could do tor read-only. You confirm there's no trouble and then post in clearnet. But whether they will do it, no idea.
>> No. 6951 [Edit]
>>6859
This. Try out certbot. It's free and you can setup a cron job for it to be renewed automatically.
https://certbot.eff.org/
>> No. 6952 [Edit]
The problem isn't acquiring a cert or anything related to infrastructure. kusaba herself is funky enough where enabling HTTPS effects problems, especially when we want make it optional. In the coming months, this will hopefully be resolved. I'm personally looking forward to it.
>> No. 6953 [Edit]
>>6952
Thank you for making it optional.
>> No. 6954 [Edit]
I was worried the chan was kill but then got reminded to use http instead of https I love this place and hope it will never die
>> No. 6960 [Edit]
please remove the spam. i'd hit report but i don't wanna open that board
>> No. 6961 [Edit]
Tohno, is it feasible to allow reports through tor?
>> No. 6979 [Edit]
just use certbot

View catalog

Delete post []
Password  
Report post
Reason  


[Home] [Manage]



[ Rules ] [ an / foe / ma / mp3 / vg / vn ] [ cr / fig / navi ] [ mai / ot / so / tat ] [ arc / ddl / irc / lol / ns / pic ] [ home ]