wingspar wrote:When I login to get to my gallery, I now get this message before I login.
“This connection is not secure. Logins entered here could be compromised”.
Apparently, this is a new feature of Firefox 52.0 and newer. What gives with this?
It's just Mozilla treating us all like idiots. I go into the back end of Firefox and turn that annoying sod of a feature off. You can do that by entering this in the address bar:
- Code: Select all
about:config
Then searching for the setting:
- Code: Select all
security.insecure_password.ui.enabled
and double clicking on it to change it from True to False. It will take effect after a browser restart.
This throws the onus back on you to ensure that you check that you're dealing with a secure site...
when it matters. Personally I've always done that so I don't need Firefox throwing up an annoying, textbox-obscuring (on some sites) dialog to tell me what I already know.
As Dave said, you will get this if you are logging onto a site which does not use the HTTPS protocol; that is, one which doesn't use secure socket layers (SSL) to encrypt data transmissions between you and the server. (If you don't know about SSL, ignore that and just read the rest of it.) Back in the late 90's / early 2000s when PBase had its genesis, the use of that protocol or similar was pretty much limited to web sites where you really needed encryption; banking sites and the like. (And now, as then, you should never, ever submit
financial information (including credit card details) through a site which does not use HTTPS.) However PBase has always used that for its payments page; if you go there you'll see that the address is
https://secure.pbase.com/cart.html It probably seemed less important to implement it in the main accounts because let's be honest, the desire to spend the time hacking PBase accounts probably isn't out there. There wouldn't be much to gain from it.
These days implementing SSL has become easier than it once was and a lot of websites use it as their default; Flickr, for example, is at
https://www.flickr.com/ . There still are some older sites that I visit where the login page still uses plain old HTTP; they're diminishing, but they still exist.
Will the main PBase site ever implement HTTPS? Aaaaahhhh... I think we know the likely answer to that. They probably should, but we know that they won't.
Does it matter in the overall scheme of things? If Vladimir Putin declares a vendetta against the site, maybe. Otherwise, maybe not so much.