Pages in topic: [1 2] > |
https://www.wikiwords.org/ google chrome privacy error - work Thread poster: Wolfram Weinberg, PhD
|
it appears that standard security settings in google chrome block access to wikiwords. i wonder what needs to be done in order to make use of wikiwords without exposing search activity and datauploads to abusers. | | |
Proz certificate | Jan 11, 2019 |
Proz should review their certificate for that URL. Google Chrome will not accept certain certificates that they don't consider secure. You can bypass the warning in Chrome, by the way. | | |
Jean Lachaud United States Local time: 01:33 English to French + ... Easy to bypass | Jan 11, 2019 |
That sort of warnings occurs from time to time, with various web sites (I use srware.net Iron, which is based on Chromium). Simply click on Advanced, then on Proceed to ... After such a web site is accessed, the warning does not reappear. | | |
Wolfram Weinberg, PhD United States Local time: 00:33 Member (2018) English to German + ... TOPIC STARTER one should not be concerned ? | Jan 11, 2019 |
- submitting one's proz.com login info and expose one's searches and uploads to a http instead of https site? | |
|
|
To a certain extent | Jan 11, 2019 |
Yes, to a certain extent if you need to provide credentials. Here is what Firefox says: 'The owner of wikiwords.org has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.' Since the https protocol is not used, there is a risk of theft of information. I'm not sure what any hackers would do with Proz credentials, though. I suggest you report the problem to Proz support. | | |
Wolfram Weinberg, PhD United States Local time: 00:33 Member (2018) English to German + ... TOPIC STARTER apparently ProZ/wikiwords do not care | Jan 12, 2019 |
to implement warnings and protections that e.g. firefox and chrome find necessary. | | |
Was that the answer? | Jan 12, 2019 |
Wolfram Weinberg wrote: apparently ProZ/wikiwords do not care to implement warnings and protections that e.g. firefox and chrome find necessary. Was that what they answered to your support ticket? | | |
Wolfram Weinberg, PhD United States Local time: 00:33 Member (2018) English to German + ... TOPIC STARTER is there a ticket procedure for what appears to be | Jan 12, 2019 |
a desirable systemic/attitude adjustment on the part of ProZ/wikiwords
[Edited at 2019-01-12 17:47 GMT] | |
|
|
Support link | Jan 12, 2019 |
Wolfram Weinberg wrote: a desirable systemic/attitude adjustment on the part of ProZ/wikiwords
[Edited at 2019-01-12 17:47 GMT] Bugs can be reported at the support page at https://www.proz.com/support . If you are concerned by a bug but don't report it, I don't think it's reasonable to complain about site staff's attitude. Bugs happen in real life. | | |
Wolfram Weinberg, PhD United States Local time: 00:33 Member (2018) English to German + ... TOPIC STARTER if I would be concerned about (not by) a bug I would report it | Jan 12, 2019 |
thank youi for the advice. with all due repsect: I do not complain. I shared a concern that you determined to be legitmate did you not?
[Edited at 2019-01-12 18:52 GMT] | | |
Rolf Keller Germany Local time: 06:33 English to German The problem is NOT "http vs https" | Jan 13, 2019 |
The problem is that www.wikiword.org presents a certificate that was definitely issued (more than 10 months ago) for a different entity (person or company) instead for wikiwords.org. This is just like somebody who says he's Paul Miller but presents - as proof - an identity card that was issued for Vanessa Smith. So he or she might well be the disguised Bob Evil - who knows for sure? Is Kevin Translator a good jud... See more The problem is that www.wikiword.org presents a certificate that was definitely issued (more than 10 months ago) for a different entity (person or company) instead for wikiwords.org. This is just like somebody who says he's Paul Miller but presents - as proof - an identity card that was issued for Vanessa Smith. So he or she might well be the disguised Bob Evil - who knows for sure? Is Kevin Translator a good judge for such Internet things? But unfortunately Kevin Translator operates a PC that is connected to the public Internet. If a remote Bob Evil is able to put some evil software via a hacked website onto Kevin's PC, this software can spread to millions of other PC's. In such a situation the problem is not Kevin's personal problem, but Kevin is the problem. For all of us. https://en.wikipedia.org/wiki/Botnet ▲ Collapse | | |
Wolfram Weinberg, PhD United States Local time: 00:33 Member (2018) English to German + ... TOPIC STARTER The problem is NOT "http vs https" – really? | Jan 13, 2019 |
Should one not be concerned providing one’s ProZ’ credentials via http to wikiwords.org ? Should one not expect that this is a risk (e.g. cautioned by Firefox and Google) that should be on ProZ' security radar for all; that ProZ in the interest of all does not pass on and provide for use one’s ProZ’ credentials for who wants to use wikiwords.org. I am not ‘not sure’ or otherwise naive about “what any hackers would do with Proz credentials [to all of us], though.” as has been said here earlier.
[Edited at 2019-01-13 19:41 GMT]
[Edited at 2019-01-13 19:46 GMT] | |
|
|
What is the purpose of this discussion now? | Jan 13, 2019 |
You originally asked the question: 'i wonder what needs to be done in order to make use of wikiwords without exposing search activity and datauploads to abusers.' I gave you the answer: report the problem to site support (the two sites are clearly linked; Wikiwords seems to be a Proz-owned site). You don't want to do that. So what do you want to obtain from this discussion? | | |
Wolfram Weinberg, PhD United States Local time: 00:33 Member (2018) English to German + ... TOPIC STARTER a discussion | Jan 13, 2019 |
- | | |
Rolf Keller Germany Local time: 06:33 English to German The problem is NOT "http vs https" – definitely! | Jan 14, 2019 |
Wolfram Weinberg wrote: The problem is NOT "http vs https" – really? The problem reported by browsers with Wikiwords has nothing to do with "http vs. https". Just look at the screenshot posted by yourself. It reads "CERT_COMMON NAME_INVALID", that's the real message from the underlying web engine. Just check the certificate. You'll see that this message is true, then. THAT'S what I explained. Additionally look at the address bar in your Browser: It reads "httpS://www.wikiwords.org". The "Your connection is not private" message from your browser's frontend is just wrongly - or at least misleading - put into words. I am not ‘not sure’ or otherwise naive about “what any hackers would do with Proz credentials [to all of us], though.” as has been said here earlier. In this respect you are quite right. Of course Proz credentials can be abused for several things. What "has been said here earlier" is extremely naive. But as https is used ... | | |
Pages in topic: [1 2] > |