What's up with this?

skeets

Why all of a sudden is this site listed as a NON SECURE site??? :confused:
 

Daren Todd

I got a similar message, but it was for the site certificate. Cleared out my browsing history and it went away.

Also wasn't able to respond to any posts till I cleared my browsing history and signed back in.

 

torch

Because you can't reach it via https://

http sites are unencrypted. Whatever you type -- including passwords, etc. -- can be intercepted, read, modified, etc.

https sites use encryption to secure your communications against interception. Assuming you are talking to the site you think you are talking to. DNSCrypt is required to ensure someone hasn't hijacked the DNS record of a site they are spoofing, as is done with "man in the middle" attacks.

https is becoming much more common. Search engines are showing preference for secure sites and browsers are actively preferring them or even blocking http sites. DNS security is unfortunately lagging behind.
 

skeets

That's interesting... now would you mind saying that again in little words, so that people who have no idea about puters might understand :D
 

torch

Um... "This site is not secure." ?
 

torch

If the site address starts with https://, then it uses encryption to protect communications.

DNS is the Domain Name System -- an index of the internet that your computer uses to turn website names (like https://www.orangetractortalks.com) into an actual IP address (192.168.0.0) that your computer uses to connect.

If you send your password to an http site, then anyone in the chain can listen in and read it, giving them access as you. Probably not an issue here, but would be if you are doing online purchasing or banking and sending valuable personal info.

If someone spoofs the DNS (e.g., changes the address to something else, like 176.10.0.0), then they can redirect traffic from the intended site to their own site. Your computer will happily send encrypted communications to the wrong site. That site can relay to the intended site so you won't realize what is going on and the malicious site harvests all your info, such as credit card or banking passwords. That is called a "man in the middle" attack.

DNSCrypt encrypts the DNS communications to prevent DNS spoofing and ensure you are really talking to your bank's website when you log in. Just another layer of security.
 

BAP

The Russians are coming! The Russians are coming! Orange Tractor is under Attack. Man your tractors. :eek::D
 

mickeyd

It is long overdue for sites to become secure.

Some banks won't even let you log in if your browser isn't secure. It protects them also.
 

torch

BAP said: "The Russians are coming! The Russians are coming! Orange Tractor is under Attack. Man your tractors. :eek::D"

Not just the Russians. China, US, Turkey, Brazil are also in the top 5 but it can come from just about anywhere.

And while it may not cause irreparable harm if one's password to OTT leaks, many (most?) people use the same password for multiple sites and never change it. Some attacks plant keyloggers and trojans. Or extortionware and ransomware. Or simply use your computer to shield themselves from tracing other illegal activities.

A note to the Admin: At one time it cost money and effort to obtain a trusted certificate to enable https connections to your website. However, several years ago the Internet Security Research Group introduced the "Let's Encrypt" project, offering free DV security certificates for simple, non-transactional websites like this one. (Paid OV and EV certificates are still in use by transactional websites as they not only verify the domain, but also the organization that owns the domain.) "Let's Encrypt" is very easy to set up and certificate renewals are automated, so it's "fire and forget" for the site admin. Maybe it's time to consider this for OTT?

Update: I just ran a whois on OTT and see it is hosted by inmotionhosting. I found an inmotion support page detailing how to install Let's Encrypt certificates but apparently they also offer free Comodo certificates via their cPanel. So you have 2 choices. :D
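
Added example, not part of the original thread or any poster's code: a small Python check a site admin could run after enabling https, to confirm the certificate validates for the hostname and that automated renewal is keeping it fresh. The 30-day warning threshold, the sample certificate and the names `fetch_cert` and `summarize_cert` are assumptions made for illustration.

```python
import socket
import ssl
import sys
from datetime import datetime, timezone

RENEW_WARN_DAYS = 30  # assumed alert threshold, not a value from the thread

# Constructed sample in the dict format returned by SSLSocket.getpeercert().
SAMPLE_CERT = {
    "issuer": ((("countryName", "US"),),
               (("organizationName", "Example CA (constructed)"),),
               (("commonName", "Example Issuing CA"),)),
    "notAfter": "Mar  1 00:00:00 2025 GMT",
    "subjectAltName": (("DNS", "forum.example"), ("DNS", "www.forum.example")),
}

def fetch_cert(host, port=443, timeout=5.0):
    """Connect as a browser would: the handshake fails unless the chain is
    trusted and the certificate names `host`."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def summarize_cert(cert, now=None):
    """Report issuer, covered names and days until expiry for a peer cert dict."""
    now = now or datetime.now(timezone.utc)
    expires = datetime.fromtimestamp(
        ssl.cert_time_to_seconds(cert["notAfter"]), tz=timezone.utc)
    issuer = {key: value for rdn in cert.get("issuer", ()) for key, value in rdn}
    days_left = (expires - now).days
    if days_left < 0:
        status = "expired"
    elif days_left < RENEW_WARN_DAYS:
        status = "renewal overdue"
    else:
        status = "ok"
    return {
        "issuer": issuer.get("organizationName", "unknown"),
        "names": [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"],
        "days_left": days_left,
        "status": status,
    }

if __name__ == "__main__":
    # With a hostname argument, check the live site; otherwise use the sample.
    cert = fetch_cert(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_CERT
    print(summarize_cert(cert))
```

Run from a scheduled job with the site's hostname as the argument; a status other than "ok", or a failed handshake in `fetch_cert`, means the renewal automation needs attention.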