Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 16 Oct 2018, 21:15
All times are UTC - 4
 Forum index » Taking the Puppy out for a walk » Announcements
Chrome 70 drops HTTPS certificate provider Symantec
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 2 of 2 [17 Posts]   Goto page: Previous 1, 2
Author Message
mikeslr


Joined: 16 Jun 2008
Posts: 2685
Location: 500 seconds from Sol

PostPosted: Wed 10 Oct 2018, 08:30    Post subject: Clarification about firefox-Mapquest  

Hi All,

Following dancytron's post above, I did the same. But this time I was on my computer running Xenialpup64. My previous experience was on my wife's Window 10 computer which is attached to the printer. The MapFox "offer' took up half the screen, was in the center and did not have a close button.

Maybe I just don't understand Windows 10. Maybe the ploy hasn't yet been ported to Linux versions of firefox.
Back to top
View user's profile Send private message 
Mike Walsh


Joined: 28 Jun 2014
Posts: 4230
Location: King's Lynn, UK.

PostPosted: Thu 11 Oct 2018, 19:39    Post subject:  

Following a read of an article on CNet, I felt some 'clarification' was in order.

The Forum will still work with Chrome 70, albeit with stronger warnings about being insecure.

The original post is about certain supposedly 'secure' sites that will run into problems; any site, in fact, with a certificate issued by Symantec (following a fall-out between Google's top brass and those at the helm of the company that brings you Norton AntiVirus, amongst others.)

-----------------------------------------

The following article was written back in late July, just to give context to date references.

From CNet, the 'roadmap' of the changes expected with the recent versions of Chrome (and those yet to arrive):-

Quote:
"What'll I see in Chrome with an HTTP website?

Chrome's changes have been gradual, starting with the Chrome warning plan way back in 2016 and continuing with a warning in February that the HTTP "not secure" alert would arrive in July. Here are the steps in the transition.

Right now if you visit an HTTP website, Chrome shows a circled "i" icon to the left of the address denoting an opportunity for more information. If you click it, Chrome says, "Your connection to this site is not secure." That's not particularly alarming, though it isn't as comforting as the green padlock and word "secure" shown there for an HTTPS-protected connection.

Starting Tuesday with Chrome 68, an HTTP connection instead will show the words "not secure" alongside the information icon.

Then Chrome 69, due in September, will emphasize that secure HTTPS connections are ordinary, not something surprising, by dropping the green color for the padlock icon and "secure" word it shows now. Instead you'll see a less noticeable black lock, Google said in a May blog post. At some point later, that lock will disappear as Google tries to convince us that HTTPS should simply be what we expect.

Last, in October, Chrome 70 will take a more aggressive stance against unencrypted HTTP sites by changing the black "not secure" warning to a more alarming red color."


And there you have it. So I must apologise for perhaps misleading y'all, by being 'alarmist' over this one.....!

----------------------------------

Barry himself, a couple of posts back, mentioned Let'sEncrypt. At one time, the obtaining of encrypted HTTPS certificates meant jumping through many hoops, and was also quite expensive. But the afore-mentioned people now issue digitally-signed HTTPS certificates for free in just a matter of minutes.

Quote:
"Why haven't we been using HTTPS all along?

HTTPS is decades old, but in the early days of the web, it was only used to protect us when typing obviously sensitive data like passwords and credit card numbers into websites.

Why was it unusual? Years ago, HTTPS taxed server processors and network speeds, and website operators had to pay for certificates that enabled the feature. The performance problems have long been solved, though, and an effort called Let's Encrypt -- sponsored by Google, Facebook, Mozilla, Akamai, Cisco Systems, Brave and the Electronic Frontier Foundation, among others -- means certificates are now free, and issued almost immediately."


Hardly surprising to see Google's name at the front of the list of 'sponsors', eh? With Chrome's market share approaching 60 %, this does, of course, give them even more global 'clout' than ever.....

However, some individuals believe an even more aggressive stance should be taken against websites that refuse to 'toe the line':-

Quote:
"Google's choice to call out HTTP sites as insecure, though, means there's a strong new incentive for website operators not to put it off anymore.

Some would like to see browsers make us jump through even more hoops to load HTTP websites. "Users should have to opt-in to putting themselves at risk," said Josh Aas, executive director of Let's Encrypt. "Nobody is saying the old unmaintained websites have to be taken down. But it's absolutely not worth putting everyone at risk, by default, just to enable viewing historic or unmaintained websites.""


That last bit really smacks of 'Big Brother' and 'the nanny-state', don'tcha think? Rolling Eyes

(*jeez*)


Mike. Wink

_________________
MY PUPPY PACKAGES | 'Thanks' are always appreciated!
--------------------------------------

Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 2 of 2 [17 Posts]   Goto page: Previous 1, 2
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Taking the Puppy out for a walk » Announcements
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0371s ][ Queries: 13 (0.0082s) ][ GZIP on ]