What's new
  • ICMag with help from Phlizon, Landrace Warden and The Vault is running a NEW contest for Christmas! You can check it here. Prizes are: full spectrum led light, seeds & forum premium access. Come join in!

View this site in Firefox!

gomer

Active member
Quick rant,,,,
It's really frigging annoying having to remove the 's' from the http every time we wanna visit this site.
Doc, why don't you just enter the site with the http address. Change or re-save your favorites/bookmarks and desktop icons to what ever ICMAG start page you use without the 's' to begin with. I'm not that worried about security either and i never use the https at all.
http://www.icmag.com/
 

kmk420kali

Freedom Fighter
Veteran
Quick rant,,,,

It's really frigging annoying having to remove the 's' from the http every time we wanna visit this site. Puts me off coming here to be honest,, gives us negative vibes !!!

I n I dont really care about security to be honest (we homegrow and smoke weed,, so wat?) ,, alas fire fox is clutter we dont really need on the desk top these ends... (must be getting old fashioned..lol)

Peace n love all

I am confused-- Why do you have to remove the "s"?? It doesn't seem to effect anything to me-- Just curious--
 

watson540

Member
quite curious actually, as this site only rnders correctly for me in konqueror or a frambuffered links2..firefox and opera both just display the oh-so-pretty background and no text
 

DocLeaf

procreationist
ICMag Donor
Veteran
Peace all. , thanks.

kmk : with the 's' then every page displays a security warning. Once the 's' is removed from the http link then all works smooth :D
 

DocLeaf

procreationist
ICMag Donor
Veteran
Note that members may also need to remove the 's' from the http when entering the chatroom.

Peace all
 

FreeMan

Member
Note that members may also need to remove the 's' from the http when entering the chatroom.

Peace all

Just a note on this Doc. I can access chat with https through Firefox. It never used to work until I added the chat IP to the safe list in 'Peer Guardian', so if people are using IP blockers like such they need to adjust their blocklists.
 
G

growcodile

there is no need for removing the 's' from 'https' when you add an exception rule for icmag.com

there is another fine firefox plugin offered by EFF:

https://www.eff.org/https-everywhere

which enforces https/ssl everywhere (on sites you add with a config file) .. very useful on sites you use with https .. but have tons of links to http again (mostly to images etc)
 

hawaiiOG

Member
thank you but I already am running on fire fox and your right the site looks great master peace of greatness
 

BIGGS

**********
Veteran
Yeah firefox is pant(s),, we're rolling on Chrome folks .. lol

i prefer firefox.

heres what i read about chrome on another site:


Chrome is a security nightmare, indexes your bank accounts

Los Angeles (CA) – Can a browser’s search function work too well? After playing around with Google’s brand new Chrome browser, we’ve discovered that its history search box will fetch all types of data - even text from HTTPS-protected financial sites like Washington Mutual and Capital One. With a few utterly simple keywords like balance, account and Sept., everything from balance information, account numbers and even how much you spent at Costco can be pulled up.

To see all of this in action, just open up Chrome and log in to your favorite financial website. Like most important sites, it should be protected with HTTPS/SSL encryption and that should be evident in the address bar of the browser. Do the stuff you would normally do like look at your balances and gawk at your latest transactions and then open up a new tab in Chrome by clicking the “+” symbol. In the right-hand history search box, enter a few keywords and see what they get you. Surprised? I bet you are. No luck? Then try something simple like oh Visa, Mastercard, balance and account. Also try out the names and abbreviations of months like September, Sept and Sep.

If you’re like me, you probably saw account balances and some transaction details, but if you further refine your keywords you’d be able to see a lot more. We first discovered this “problem” by browsing the forensicfocus.com forums. “Problem” is in quotes because we’re not sure if this is a true vulnerability or Google Chrome’s search function working as intended – in this case, just too damn good. While playing around with the forensic implications of Chrome, “Jelle” on the forums posted that he and his partner noticed the browser was indexing information from HTTPS sites.

“One interesting finding is that in the regular browsing mode, Chrome creates a search index of the contents of a lot of the pages you visit. This allows you to do keyword searching in your own web history. On some of our tests, we found that content of https pages had been indexed as well, allowing us to retrieve our bank account details using a keyword search,” Jelle posted.

Of course after reading this I just had to give it a try and logged into my Washington Mutual and Capital One credit card accounts. I looked at my pathetically low bank account balances along with my insanely high outstanding credit card balances. Then I pulled up a recent list of transactions for the month (damn you gas prices) - on many financial websites this information is usually shown on the very first page after logging in. Then I opened up a new tab and started playing around with keywords.

Thinking like a hacker, my first plan of attack was to enumerate or list the financial services. After enumeration, I could drill down into the exact accounts and transactions. By simply typing in Visa, Mastercard, account and the names of popular banks you can find the types of accounts and which institution they belong to. In my case, Capital and Washington worked just fine. To get my account balance, I just typed in “balance” and to get transaction information I entered “transaction”. Typing in “costco” pulled up how much I spent on my last trip.

Is there a way to protect your financial information from being indexed? Google Chrome does have an incognito mode that promises to not cache anything. This can be accessed from the file menu in the upper-right corner of the window or by using the keyboard shortcut (Control Shift N). You can also clear your browser data after surfing to a financial website by going to the tools menu that’s also in the upper-right corner.

It was just yesterday that I wrote about Chrome’s security as being “not bad”, but I personally don’t get a warm and fuzzy feeling if Chrome is indexing all of my financial information. Search and indexing is what Google is good at and the company has made my life a whole lot easier in many ways, but indexing financial info is crossing the line.

On the programming level, I can’t really blame Google’s developers though because HTTPS was never meant to provide any protection anyways on the desktop itself. The protection was developed to protect traffic as it travelled through the “Wild West” Internet. But while this distinction is clear to most of our readers – the regular person probably believes HTTPS/SSL traffic is and should be protected on the desktop.

So is this all a big deal? Well anyone who wants to search your financial information would need local access to your machine and if a person is sitting at your computer, you have a lot more things to worry about than him/her using Chrome’s history search. Conceivably a hacker could develop an app to pull the cache and index files off your computer and examine them later on another machine – these files reside in the “C:\Documents and Settings\USERNAME\Local Settings\Application Data\Google\Chrome\User Data\Default” folder.

But on a simpler level, if ALL of the sites I visit are being keyworded and indexed locally, then how do I know that this information will stay local. I guess that depends on how much you trust Google.
 

jes1243

Member
All I use is firefox.Opera is ok but don't like the setup on some pages.
Biggs thats some nice info
 
M

Mr.Hank

I first used opera also.. then after something annoying, I started using firefox and I have nothing bad to say about this browser.
 
Top