Welcome to ECCIE, become a part of the fastest growing adult community. Take a minute & sign up!

Welcome to ECCIE - Sign up today!

Become a part of one of the fastest growing adult communities online. We have something for you, whether you’re a male member seeking out new friends or a new lady on the scene looking to take advantage of our many opportunities to network, make new friends, or connect with people. Join today & take part in lively discussions, take advantage of all the great features that attract hundreds of new daily members!

Go Premium

Go Back   ECCIE Worldwide > General Interest > Security Matters
test
Security Matters Personal security is of the utmost priority. Discussions regarding every aspect of personal security within the hobby can be found here.

Most Favorited Images
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
Most Liked Images
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
Top Reviewers
cockalatte 649
MoneyManMatt 490
Still Looking 399
samcruz 399
Jon Bon 397
Harley Diablo 377
honest_abe 362
DFW_Ladies_Man 313
Chung Tran 288
lupegarland 287
nicemusic 285
Starscream66 281
You&Me 281
George Spelvin 270
sharkman29 256
Top Posters
DallasRain70817
biomed163483
Yssup Rider61124
gman4453308
LexusLover51038
offshoredrilling48753
WTF48267
pyramider46370
bambino42983
The_Waco_Kid37293
CryptKicker37225
Mokoa36497
Chung Tran36100
Still Looking35944
Mojojo33117

Reply
 
Thread Tools
Old 01-06-2010, 04:22 PM   #16
Polecat
Registered Member
 
Polecat's Avatar
 
Join Date: Jan 1, 2010
Location: Gatineau, PQ
Posts: 7
Default

My cat can beat up your cat.........
Polecat is offline   Quote
Old 01-06-2010, 05:24 PM   #17
GneissGuy
Thank God it's Firday!
 
GneissGuy's Avatar
 
Join Date: Dec 12, 2009
Location: Austin, TX
Posts: 2,698
Encounters: 12
Default

Quote:
Originally Posted by Steve67 View Post
Tor has some at least one serious security problem. Anyone can set themselves up to run a tor exit node and watch the traffic that comes out of the tor network through your node. You can then eavesdrop on that traffic, seeing both what the user types in and the response.

Tor does solve the problem of your employer or ISP watching your traffic, but they can still tell you're using tor.

You can't use this trick to watch a particular person, but you can randomly steal userids and passwords, except for secure sites that use encryption through https, like most banking sites.

It would be a good thing if eccie were set up to allow a secure connection via https for several other reasons as well. In particular, no one at your ISP or even impersonating a wireless connection would not be able to see your eccie information.
GneissGuy is offline   Quote
Old 01-06-2010, 09:45 PM   #18
curiousbill101
Valued Poster
 
curiousbill101's Avatar
 
Join Date: Jan 4, 2010
Location: Dallas / Houston
Posts: 311
Encounters: 18
Default

https seems like it would be nice security enhancement.
curiousbill101 is offline   Quote
Old 01-07-2010, 11:36 AM   #19
npita
Lifetime Premium Access
 
Join Date: Apr 17, 2009
Location: dallas
Posts: 616
Default

Quote:
Originally Posted by GneissGuy View Post
It would be a good thing if eccie were set up to allow a secure connection via https for several other reasons as well. In particular, no one at your ISP or even impersonating a wireless connection would not be able to see your eccie information.
The only issues with using https might be the additional overhead required for (1) the connection handshake; and (2) encryption/decryption. The first would presumably not be an issue so long as clients used the http-keepalive and the server is set up for it (which presumably is the case).

The second might be an issue if the server load is already high. In any case, using https would require a lot of attention to tuning a number of web server parameters, so it might be a nice ``wish list item,'' but not something that should be looked at until the most important issues have been sorted out and well under control.

A third issue would be that while no one could see the information passed in the requests and served pages, the tcp header is not encrypted, so the IT dept. would still know the to which one is connecting. Lots of proxies are set up to handle http, but not https (I don't know about anonymizers), so there may be no real benefit in practice. A false sense of security is worse than knowing something is insecure and acting accordingly. The bottom line is everyone with something to lose should not do stupid things, like connecting from work.
npita is offline   Quote
Old 01-07-2010, 01:37 PM   #20
GneissGuy
Thank God it's Firday!
 
GneissGuy's Avatar
 
Join Date: Dec 12, 2009
Location: Austin, TX
Posts: 2,698
Encounters: 12
Default

I think the https server code is sufficiently optimized and/or the computers are powerful enough that the overhead is not really that big a deal any more.

I wasn't necessarily talking about having eccie use https in conjunction with an anonymizer/proxy service. I'm thinking that https: gives an extra level of protection against internet providers and things like rogue access points in hotels or free wireless access places like restaurants. There are getting to be more and more people who'll put up their own wireless access point at a wireless hotspot and snoop on the traffic.

Even with an anonymizer service, there are getting to be so many sites that use https that there's quite an incentive to make the service work with https.

I was also not necessarily suggesting that all connections use https. It would be good if you could choose to use https: when you logged in, either by typing https://www.eccie or maybe even as a profile setting.
GneissGuy is offline   Quote
Old 01-07-2010, 02:33 PM   #21
Risn2TheOccasion
Valued Poster
 
Risn2TheOccasion's Avatar
 
Join Date: Dec 31, 2009
Location: Austin, TX
Posts: 755
Encounters: 36
Default

Thank God for Smart Phones.
Risn2TheOccasion is offline   Quote
Old 01-07-2010, 05:05 PM   #22
textodd11
Valued Poster
 
textodd11's Avatar
 
Join Date: Jan 4, 2010
Location: Texas
Posts: 543
Encounters: 19
Default

Trust me, I AM "Big Brother" and if you're on my network I can see anything I need to.

Not ONE of the measures mentioned here would have one bit of impact on my ability to trace and log all activity on any given user.

Your only hope is to use a wireless carrier outside the corporate network or better yet, wait till you get somewhere else. If you can't then the only suggestion I have is to become your IT Director's best friend in a hurry.
textodd11 is offline   Quote
Old 01-07-2010, 05:22 PM   #23
GneissGuy
Thank God it's Firday!
 
GneissGuy's Avatar
 
Join Date: Dec 12, 2009
Location: Austin, TX
Posts: 2,698
Encounters: 12
Default

Quote:
Originally Posted by textodd11 View Post
Trust me, I AM "Big Brother" and if you're on my network I can see anything I need to.

Not ONE of the measures mentioned here would have one bit of impact on my ability to trace and log all activity on any given user.

Your only hope is to use a wireless carrier outside the corporate network or better yet, wait till you get somewhere else. If you can't then the only suggestion I have is to become your IT Director's best friend in a hurry.
Well, yes, if you have administrator/root access to the user's PC, you can see anything they do.

If you don't control their individual PC, you're not going to be able to read what they send or receive over an https/ssl connection, are you? Yes, you can tell which web page they're going to, but not see their passwords or the data displayed, correct? If they go to something like anonymizer.com, you wouldn't be able to see anything more than the fact that they are going to anonymizer.com, would you?

Anyway, it's big time STOOPID to browse here from work on the company network.
GneissGuy is offline   Quote
Old 01-07-2010, 05:53 PM   #24
argus256
Valued Poster
 
Join Date: Dec 31, 2009
Location: Dallas
Posts: 948
Encounters: 26
Default

Quote:
Originally Posted by textodd11 View Post
Trust me, I AM "Big Brother" and if you're on my network I can see anything I need to.

Not ONE of the measures mentioned here would have one bit of impact on my ability to trace and log all activity on any given user.

Your only hope is to use a wireless carrier outside the corporate network or better yet, wait till you get somewhere else. If you can't then the only suggestion I have is to become your IT Director's best friend in a hurry.
I submit my measure for canidacy of you not seeing what I'm doing, and it's called IPSEC VPN to my home... unless you can break that encryption (which most IT lackies can't) then you ain't seein it... however, if you block that from leaving your network or block the application from being installed that will allow you to setup that encryption, then i'm not getting out of the network with it, obviously.

In addition to that if you're doing screen caps of the machine I'm on, obviously you can see it then...if I'm not using one of your comps then you can't with IPSEC.
argus256 is offline   Quote
Old 01-07-2010, 06:31 PM   #25
okie69696
Valued Poster
 
okie69696's Avatar
 
Join Date: Jan 7, 2010
Location: Oklahoma
Posts: 193
Encounters: 15
Default

I like all this information here but can you explain more about how to "Setup a "file" server with no monitor/keyboard... use a laptop to connect to the server." ?? That sounds like a perfect fit for me...if I just figure out how to do it. Would this new "server" be at home or my business?
okie69696 is offline   Quote
Old 01-07-2010, 08:31 PM   #26
GneissGuy
Thank God it's Firday!
 
GneissGuy's Avatar
 
Join Date: Dec 12, 2009
Location: Austin, TX
Posts: 2,698
Encounters: 12
Default

Quote:
Originally Posted by argus256 View Post
I submit my measure for canidacy of you not seeing what I'm doing, and it's called IPSEC VPN to my home... unless you can break that encryption (which most IT lackies can't) then you ain't seein it... however, if you block that from leaving your network or block the application from being installed that will allow you to setup that encryption, then i'm not getting out of the network with it, obviously.
It's pretty easy to detect that you're using IPSEC. Plenty of companies would take serious disciplinary action for using an unauthorized VPN.
GneissGuy is offline   Quote
Old 01-08-2010, 12:32 AM   #27
argus256
Valued Poster
 
Join Date: Dec 31, 2009
Location: Dallas
Posts: 948
Encounters: 26
Default

I didn't suggest that it wasn't easy to detect, just hard to break and take a peak
argus256 is offline   Quote
Old 01-08-2010, 08:13 PM   #28
GingerOnTour
Pending Age Verification
 
User ID: 5133
Join Date: Jan 3, 2010
Location: New City Every Week
Posts: 73
My ECCIE Reviews
Default ??

While hideing your IP from IT is great, some of us providers use this as a screening tool when reciving emails and yes your smartphone has an IP address too. I prefer to look up your IP and cell #, then to ask you where you work, 2+ refs, favorite color, and first born (just sayn).
GingerOnTour is offline   Quote
Old 01-08-2010, 10:03 PM   #29
busageek
Registered Member
 
Join Date: Jan 8, 2010
Location: Dallas
Posts: 1
Default Browser on a stick

Quote:
Originally Posted by okie69696 View Post
I like all this information here but can you explain more about how to "Setup a "file" server with no monitor/keyboard... use a laptop to connect to the server." ?? That sounds like a perfect fit for me...if I just figure out how to do it. Would this new "server" be at home or my business?
If all you're trying to do is hide your tracks on your home pc or laptop, there's an easier way to do that. Just run a browser on a usb flash drive. Take a look at portableapps.com. Load Firefox on a usb stick and only use that browser. Just remove the USB stick when you walk away from the pc and all traces of activity go with it.

Another option is to use the incognito feature in the Google Chrome browser.

Cheers,
busageek is offline   Quote
Old 01-08-2010, 11:10 PM   #30
argus256
Valued Poster
 
Join Date: Dec 31, 2009
Location: Dallas
Posts: 948
Encounters: 26
Default

Quote:
Originally Posted by busageek View Post
If all you're trying to do is hide your tracks on your home pc or laptop, there's an easier way to do that. Just run a browser on a usb flash drive. Take a look at portableapps.com. Load Firefox on a usb stick and only use that browser. Just remove the USB stick when you walk away from the pc and all traces of activity go with it.

Another option is to use the incognito feature in the Google Chrome browser.

Cheers,
That's all fine and dandy unless the network you're on is logging and filtering traffic.
argus256 is offline   Quote
Reply



Similar Threads
Thread Thread Starter Forum Replies Last Post
Hobby Phones - Where do you hide them? PSP Security Matters 45 02-07-2010 08:17 PM

AMPReviews.net
Find Ladies
Hot Women

Powered by vBulletin®
Copyright © 2009 - 2016, ECCIE Worldwide, All Rights Reserved