VCF West | Aug 01 - 02 2025, | CHM, Mountain View, CA |
VCF Midwest | Sep 13 - 14 2025, | Schaumburg, IL |
VCF Montreal | Jan 24 - 25, 2026, | RMC Saint Jean, Montreal, Canada |
VCF SoCal | Feb 14 - 15, 2026, | Hotel Fera, Orange CA |
VCF Southwest | May 29 - 31, 2026, | Westin Dallas Fort Worth Airport |
VCF Southeast | June, 2026 | Atlanta, GA |
^ What he said.HTTPS is an evil blight on the internet designed to intentionally lock out older clients further forcing everyone in to upgrading software and hardware.
Since this forum is about vintage computing, locking out such users would be be the wrong thing to do.
- Posted from Windows 95.
What about TOR?
Staying logged in means that you are basically sending a cookie that indicates you are logged in each time you load a page. That cookie is enough to let you make posts under your identity. So while not as bad as sending a password, it's still pretty bad - somebody can impersonate you with just the cookie.
Any machine that sees that request packet can see the cookie. That includes your ISP and anybody sniffing packets if you are using an open WiFi hotspot. Even if you just load a page from this forum while "logged in" without sending the password, you have just given somebody what they need to impersonate you. Sending a password is slightly worse, unless you reuse passwords across multiple forums - then you are really playing with fire.
The short story is that ranting about HTTPS seems to be uninformed. We're not going to break old machines and browsers. But we will encourage people to do their normal activities here using SSL to minimize the risk. And everybody should understand what the risk is and mitigate it properly.
The short story is that ranting about HTTPS seems to be uninformed. We're not going to break old machines and browsers. But we will encourage people to do their normal activities here using SSL to minimize the risk. And everybody should understand what the risk is and mitigate it properly.
There are indeed "SSL Strip" proxies, with proper firewall configuration, you can even make them transparent.