Author

Topic: [AREA REQUEST] Can we have an opsec section on the site? or even Security? (Read 585 times)

hero member
Activity: 882
Merit: 1006
SSL is used to secure the data in transit between server and client. It is to prevent anyone from reading the traffic or modifying it.

The risk would be that a hacker who has access to the persons WiFi connection could change the Bitcoin address displayed on the website and replace it with his own, allowing him to steal Bitcoins. They could also read any passwords etc This could also be done by the owners of a VPN/proxy service the user was using, or a hacker who has compromised an ISP that is transferring the packets, or an intelligence agency that has compromised a backbone internet router.

You should always use SSL when you can even if you do not think it is important, as some users may not want the NSA being able to easily spy on their traffic to your website. you can get a PositiveSSL cert for $2, and soon the EFF plan to launch a CA that will provide free SSL certs: https://letsencrypt.org/
global moderator
Activity: 3794
Merit: 2612
In a world of peaches, don't ask for apple sauce
Why you can not discuss security... things like SSL for websites in "off topic" section? Just to clarify.  Smiley
You can. The off-topic section can be perfectly utilised for the discussion of digital security. If it relates to Bitcoin, it has to be in one of the other sections (depends on the content). Besides, I doubt it would actually contain and regularly get enough threads to warrant the creation of a new board.
staff
Activity: 3472
Merit: 4111
Crypto Swap Exchange
Why you can not discuss security... things like SSL for websites in "off topic" section? Just to clarify.  Smiley
legendary
Activity: 1456
Merit: 1018
HoneybadgerOfMoney.com Weed4bitcoin.com
I'm asking because I know it fits into technical discussion and project developments. But it's not here. 

I wanted to know what the primary benefit of SSL would be for a site that only takes bitcoin that has other stuff on lock like escaping all values permissions set properly to file access, etc.  I mean SSL is cheap but, its effectively a barrier to entry if perceived as an inferior platform to transact with if SSL is absent - catch my drift guys?
Jump to: