Isn't it ironic?

ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

Isn't it ironic?

(1/2) > >>

longrun:
Firewalls have been discussed elsewhere on DC; this is simply for your amusement.

wreckedcarzz:
;D

Thats different, definitely worth a laugh :)

Renegade:
BEAUTIFUL! :D

The security crowd really irks me as they really do little more than peddle fear and confusion. I love to see them trip over their own 'doom and gloom' sermons. Serves them right.

Not sure if anyone ever listens to the Security Now podcast, but there was a show a few episodes back (between 108~110 - forget which) where Steve is going on about his "secure" password page where you can generate "secure" passwords and that nobody can know them because the page is all "secure" through SSL, blah blah blah... From that page:

What makes these perfect and safe?
...
Also, because this page will only allow itself to be displayed over a snoop-proof and proxy-proof high-security SSL connection, and it is marked as having expired back in 1999, this page which was custom generated just now for you will not be cached or visible to anyone else.

--- End quote ---

*Emphasis mine...

Screen shot courtesy of my favorite screen shot utility, Screenshot Captor:

Isn't it ironic?

The page is http://grc.com/password.htm.

Both IE and Firefox redirect to HTTPS, but Opera doesn't. Why? Well, the answer should be fairly obvious. IT'S A SECURITY HOLE!

The page IS NOT secure in Opera. Huh? WTF? Wait a second... Didn't the security expert just say, "this page will only allow itself to be displayed over a snoop-proof and proxy-proof high-security SSL connection?"

So much of the security industry is just pure snake oil.

And besides, nobody needs 64 character passwords. That's just silly. The universe will die out before you can brute force anything near that.

Reminds me of an Ozzy song - Miracle Man. It's about when the TV evangelist Jimmy Swaggart got caught with a hooker.

jgpaiva:
The page IS NOT secure in Opera.
-Renegade (October 07, 2007, 03:51 AM)
--- End quote ---
Apparently, the man has no fault... On opera 9.5 build 9562, it is displayed over https, which means it probably was a problem with earlier versions of opera and not the page itself.

Renegade:
The page IS NOT secure in Opera.
-Renegade (October 07, 2007, 03:51 AM)
--- End quote ---
Apparently, the man has no fault... On opera 9.5 build 9562, it is displayed over https, which means it probably was a problem with earlier versions of opera and not the page itself.
-jgpaiva (October 07, 2007, 06:37 AM)
--- End quote ---

I refuse to recant! ;)

The problem can't be in the browser. HTTPS is determined by the server. When a request comes in over HTTP, you can either accept it and continue, or refuse, or redirect. Just because a client asks for an HTTP/HTTPS page doesn't mean that it can necessarily get it. Those decisions are left to the web application.

Navigation

[0] Message Index

[#] Next page

Go to full version