Main Menu |
Most Favorited Images |
Recently Uploaded Images |
Most Liked Images |
Top Reviewers |
cockalatte |
649 |
MoneyManMatt |
490 |
Still Looking |
399 |
samcruz |
399 |
Jon Bon |
397 |
Harley Diablo |
377 |
honest_abe |
362 |
DFW_Ladies_Man |
313 |
Chung Tran |
288 |
lupegarland |
287 |
nicemusic |
285 |
You&Me |
281 |
Starscream66 |
280 |
George Spelvin |
267 |
sharkman29 |
256 |
|
Top Posters |
DallasRain | 70799 | biomed1 | 63389 | Yssup Rider | 61083 | gman44 | 53297 | LexusLover | 51038 | offshoredrilling | 48713 | WTF | 48267 | pyramider | 46370 | bambino | 42891 | The_Waco_Kid | 37233 | CryptKicker | 37224 | Mokoa | 36496 | Chung Tran | 36100 | Still Looking | 35944 | Mojojo | 33117 |
|
|
01-08-2023, 02:15 PM
|
#151
|
Registered Member
Join Date: Aug 19, 2020
Location: Dallas
Posts: 19
|
They're using LetsEncrypt, which is a really common free SSL certificate provider supported by all major browsers and totally automated. The problem is that LetsEncrypt was one of the first CAs (certificate authority) to cut their certificate lifespans down to 90 days. Unfortunately, it appears this hasn't happened since April. My guess, their automation broke or they're just not doing the replacement. Brave and a few other browsers will allow you to click thru the expired certificate warnings, but I believe Safari, Chrome, etc will just NOT without some settings tweaks.
Edited to add: and if you look at the time stamps on the cert issue date, they're from 4:40AM Central time. That says to me some poor ops guy doing it in the middle of the night, not automation.
(Cybersecurity inside baseball: All the browser makers were planning on cutting from 2 year to 1 year to 180 days to 90 days down eventually to one day lifespan to force sites to automate their renewals, for safety. It wouldn't matter if a private key was compromised with more key rotation. This also ties in with a broader move to ephemeral ciphers and perfect forward secrecy, it's all about making sure certain intelligence agencies everyone thinks are totally off the leash from reading all our internet traffic. Lots of interesting speculation around quantum computing as well.)
|
|
Quote
| 3 users liked this post
|
01-08-2023, 02:49 PM
|
#152
|
Valued Poster
Join Date: Dec 21, 2011
Location: US
Posts: 1,268
|
^^^thank you for your informative post!
Eccie uses Let's Encrypt certificates.
|
|
Quote
| 1 user liked this post
|
01-08-2023, 09:08 PM
|
#153
|
Premium Access
Join Date: May 29, 2011
Location: heaven and hell
Posts: 7,520
|
Quote:
Originally Posted by LustyBustyGina38FF
I agree and some(trolls) who put every thing down that's not About ECCIE will just post negative things about PP.
If I have seen(YOU) I will give a refes . Might want to check out my next tour soon I can get you on PP
|
haha when's he coming back now? LOL
|
|
Quote
| 1 user liked this post
|
01-09-2023, 08:43 PM
|
#154
|
Valued Poster
Join Date: Feb 9, 2014
Location: Austin, TX
Posts: 1,111
|
And I use...
Quote:
Originally Posted by saustin
^^^thank you for your informative post!
Eccie uses Let's Encrypt certificates.
|
Depends XXL adult diapers!
Both will hold the poop in to a certain point, and the the defecation hits the automation!
Bwahahahahaha!
|
|
Quote
| 1 user liked this post
|
01-10-2023, 10:25 AM
|
#155
|
Valued Poster
Join Date: Dec 21, 2011
Location: US
Posts: 1,268
|
Quote:
Originally Posted by Anonymous01
Depends XXL adult diapers!
|
Sharing your personal hygiene is TMI for me.
|
|
Quote
| 1 user liked this post
|
01-10-2023, 10:27 AM
|
#156
|
Registered Member
Join Date: Aug 19, 2020
Location: Dallas
Posts: 19
|
Quote:
Originally Posted by saustin
^^^thank you for your informative post!
Eccie uses Let's Encrypt certificates.
|
Everyone should! ACME protocol is a great advance in security that everything should support. I'm looking at you Microsoft!!!
|
|
Quote
| 1 user liked this post
|
01-10-2023, 01:54 PM
|
#157
|
Valued Poster
Join Date: Dec 21, 2011
Location: US
Posts: 1,268
|
Perhaps Acluesless1 will absorb your knowledge. Thanks for sharing!
|
|
Quote
| 1 user liked this post
|
01-10-2023, 09:50 PM
|
#158
|
The Grey Knight
Join Date: Apr 12, 2009
Location: South of the Trinity
Posts: 16,838
|
Quote:
Originally Posted by Gandalf4301
Actually, your statement is incorrect. They have a valid security Certificate. The hackers have created a virus (I suppose a virus) that send the message and blocks the site and so far they have not been able to defeat the programming creating the problem, as I understand it.
|
Quote:
Originally Posted by dfwtallwmafdom
They're using LetsEncrypt, which is a really common free SSL certificate provider supported by all major browsers and totally automated. The problem is that LetsEncrypt was one of the first CAs (certificate authority) to cut their certificate lifespans down to 90 days. Unfortunately, it appears this hasn't happened since April. My guess, their automation broke or they're just not doing the replacement. Brave and a few other browsers will allow you to click thru the expired certificate warnings, but I believe Safari, Chrome, etc will just NOT without some settings tweaks.
Edited to add: and if you look at the time stamps on the cert issue date, they're from 4:40AM Central time. That says to me some poor ops guy doing it in the middle of the night, not automation.
(Cybersecurity inside baseball: All the browser makers were planning on cutting from 2 year to 1 year to 180 days to 90 days down eventually to one day lifespan to force sites to automate their renewals, for safety. It wouldn't matter if a private key was compromised with more key rotation. This also ties in with a broader move to ephemeral ciphers and perfect forward secrecy, it's all about making sure certain intelligence agencies everyone thinks are totally off the leash from reading all our internet traffic. Lots of interesting speculation around quantum computing as well.)
|
Finally, some information that makes sense!
This likely explains why from April until November or December (whenever the latest issues were reported) I was able to get secure connections every 2-4 attempts, with the other attempts resulting in the security warning from Safari. I thought there must be a valid certificate if I was able to get through without bypassing the warning, typing “http” vs “https”, or some of the other workarounds people use to get through.
For those using Puffin mobile to access oh2, are you folks making sure you’re getting secure connections, or are you not worrying about it? I’m also curious if one of the folks who seem to be knowledgeable about cybersecurity can answer the question if Puffin is a safe alternative to access oh2 (I.e., better able to reliably provide a secure connection thanks to the way the browser works) or just another workaround.
|
|
Quote
| 1 user liked this post
|
01-10-2023, 11:00 PM
|
#159
|
Professional Tush Hog.
Join Date: Mar 27, 2009
Location: Here and there.
Posts: 8,959
|
Quote:
Originally Posted by dfwtallwmafdom
Everyone should! ACME protocol is a great advance in security that everything should support. I'm looking at you Microsoft!!!
|
I’ve always been skeptical of ACME after watching the roadrunner. Never did too much for the coyote.
|
|
Quote
| 1 user liked this post
|
01-11-2023, 08:34 AM
|
#160
|
Valued Poster
Join Date: Jan 14, 2019
Location: IHOP
Posts: 4,324
|
Quote:
Originally Posted by TexTushHog
I’ve always been skeptical of ACME after watching the roadrunner. Never did too much for the coyote.
|
We could ask WEC but he's on vacation again.
|
|
Quote
| 1 user liked this post
|
01-11-2023, 12:11 PM
|
#161
|
Upgraded Female Account
User ID: 117
Join Date: Mar 28, 2009
Location: TEXAS
Posts: 1,465
My ECCIE Reviews
|
I'm posting this here because it is just not ladies that get these texts/emails etc
It didnt take this fool long to jump on the bandwagon of a fallen site..
Got a text from 214-736-4663 asking me what my location is, so i give the general location..
I then get a text from them
hi phemie, oh2 down again? Try us instead https://ourhome4.net . Existing members of P411/ecie/oh2 get automatic activation. Thanks!
Beware of what you click...
|
|
Quote
| 1 user liked this post
|
01-11-2023, 12:16 PM
|
#162
|
Premium Access
Join Date: Mar 4, 2018
Location: Anna
Posts: 507
|
Quote:
Originally Posted by TinMan
Finally, some information that makes sense!
For those using Puffin mobile to access oh2, are you folks making sure you’re getting secure connections, or are you not worrying about it? I’m also curious if one of the folks who seem to be knowledgeable about cybersecurity can answer the question if Puffin is a safe alternative to access oh2 (I.e., better able to reliably provide a secure connection thanks to the way the browser works) or just another workaround.
|
Puffin sends all of your traffic thru their cloud system and it’s rendered there before being sent to your browser. The Puffin cloud system collects your weblogs, including your TCP layer information (Source IP, Source port, destination IP, destination port). It also stores HTTP layer information (URL, HTTP headers).
|
|
Quote
| 1 user liked this post
|
01-11-2023, 02:31 PM
|
#163
|
The Grey Knight
Join Date: Apr 12, 2009
Location: South of the Trinity
Posts: 16,838
|
Quote:
Originally Posted by Ralph Fults
Puffin sends all of your traffic thru their cloud system and it’s rendered there before being sent to your browser. The Puffin cloud system collects your weblogs, including your TCP layer information (Source IP, Source port, destination IP, destination port). It also stores HTTP layer information (URL, HTTP headers).
|
I’m no techie, but that doesn’t sound like something I’d want to consent to. Google and Apple may do the same, but those are devils I know.
|
|
Quote
| 1 user liked this post
|
01-11-2023, 09:07 PM
|
#164
|
Premium Access
Join Date: May 29, 2011
Location: heaven and hell
Posts: 7,520
|
Jesus How many freaking sites can be created. Thats crazy
Quote:
Originally Posted by Euphemia
I'm posting this here because it is just not ladies that get these texts/emails etc
It didnt take this fool long to jump on the bandwagon of a fallen site..
Got a text from 214-736-4663 asking me what my location is, so i give the general location..
I then get a text from them
hi phemie, oh2 down again? Try us instead https://ourhome4.net . Existing members of P411/ecie/oh2 get automatic activation. Thanks!
Beware of what you click...
|
|
|
Quote
| 1 user liked this post
|
01-12-2023, 12:59 PM
|
#165
|
The Grey Knight
Join Date: Apr 12, 2009
Location: South of the Trinity
Posts: 16,838
|
Quote:
Originally Posted by cage196
Jesus How many freaking sites can be created. Thats crazy
|
Lol, no kidding. Remember when Eccie went dark after Fosta and someone created a mirror site? Folks clamored to that, entering their login credentials from here, without even giving a second thought to the site’s legitimacy (it wasn’t).
|
|
Quote
| 1 user liked this post
|
|
AMPReviews.net |
Find Ladies |
Hot Women |
|