Questions and suggestions relating to the site


File 140839296671.jpg - (74.96KB , 706x655 , yui swag.jpg )
No. 160550 ID: 18c212
Why doesn't Ponychan use HTTPS? Efchan does.
>> No. 160551 ID: 883a8d
File 140839329123.jpg - (33.49KB , 836x693 , 132981385851.jpg )
Are you sending any important data with your requests?

What's that? The only important thing is IP, which is already stored and decrypted server-side which means if the server is compromised then that security layer is useless anyway?

Then let's not.
>> No. 160552 ID: 6a4557
File 140839355025.png - (135.35KB , 1024x707 , pinkamena_sad_by_j5a4-d7dwjvh.png )
>>160551
But muh tripcodes! Anyone could hack them! The horror!
>> No. 160554 ID: 18c212
>>160551
>>160552
Why do you hate freedom?
>> No. 160556 ID: 455d22
>>160554
>Freedom
>not America
>> No. 160563 ID: 355280
Why don't you stop posting? Efchan does.
>> No. 160564 ID: 18c212
File 140839904125.png - (152.36KB , 332x432 , Yui183.png )
>>160563
say that to my face motherfucker not on ponychan see what happens
>> No. 160567 ID: 8e68fb
File 140840200874.jpg - (114.79KB , 530x570 , 56.jpg )
>>160551
I mean there was that time I had to post my credit card on the Ponychan Gold payment board.
>> No. 160568 ID: a098c9
While it is inherently better to have HTTPS, and supports security, it is probably too low a priority to implement at the moment, and the developers' nascent enthusiasm is likely to be better spent on a lot of other little things that need attending. While the two other descendants of Ponychan both utilize HTTPS, it is likely because their developers are both keen on security, and are more or less experts in the field with a high level of interest. It *is* of value to have, and personally I believe all sites that can have it, should, but it's just not a visible enough change for enough people to ask for it/demand it. Most people simply don't understand the benefits and wouldn't even if it were explained in-depth to them.
>> No. 160569 ID: 883a8d
>>160568
>While it is inherently better to have HTTPS, and supports security,
No it isn't. It slows the site. All data we submit on Ponychan is stored in the database since all data we submit on Ponychan is posts. Therefore there is no reason to use HTTPS, as we do not even have users and so passwords are not a thing. No on-site instant messaging, no on-site cross-site verification (such as an on-site payment system), etc. There is nothing, even the "post passwords" we use forcibly refresh every now and again, and any post you make is eventually deleted anyway, unlike other environments.

Last edited at Mon, Aug 18th, 2014 16:58

>> No. 160571 ID: a098c9
>>160569
If the use of HTTPS over HTTP slows the site to a degree that is remotely noticeable to the end user you have a lot more coding and server problems than security anyways, so I guess you're right.
>> No. 160573 ID: a098c9
>>160571
>>160569
And of course, there's the fact that it hasn't slowed either of the other imageboards in question who have the benefits of HTTPS, but I guess that's moot, hm~
>> No. 160574 ID: 883a8d
>>160571
No, actually, the use of HTTPS universally slows down the site by a certain amount because of another layer - validating the certificate. It is not relevant to coding, because HTML pages are the only thing we load. Coding is totally irrelevant and I have no idea how you could have possibly brought it up, so it is clear you are more than unqualified to make comments about this.

>>160573
I don't seem to recall a time when they did not use HTTPS. Have you considered that perhaps, because you don't use http, you can't tell the difference, hm? The difference is a second at best, and hardly noticeable, but still noticeable if you try to load two versions of the site at the same time.

There is no point in arbitrarily slowing down the site for an amateur's ignorant notion of "security". Security is a matter of security, and not making people who have no idea of what adds security feel better.

At least outside of governments.
>> No. 160575 ID: a098c9
>>160574
Regarding 'speed':
>because you don't use http
Except we're using http right now on Ponychan, and it's noticeably slower than other sites who happen to be https.
Regarding 'security'
>an amateur's ignorant notion of "security"
Orange is and has always been an amateur at best, literally a freelancer, so not really sure what claim you're trying to make there. Black Butterfly and Macil, on the other hand, can legitimately be called experts in this realm.
Fact is, I said it wasn't necessarily needed and there were other priorities to focus on here, simply that https was, yes, of benefit. I'm not sure why you got all butthurt and then tried to devalue the objectively better option.

But I guess people can decide for themselves. http://en.wikipedia.org/wiki/HTTP_Secure

>people who have no idea of what ads security
Considering there are plenty of other security flaws and holes here as it is, doesn't look like anyone knows what adds security.

See you around, /meta/non.
>> No. 160576 ID: 883a8d
>>160575
>Except we're using http right now on Ponychan, and it's noticeably slower than other sites who happen to be https.
This weakens your argument even further, as you are implying if anything https speeds up the site? Ponychan has considerably more load than either site, and is not a dedicated server.

>Orange is and had always been an amateur at best, literally a freelancer, so not really sure what claim you're trying to make there.
Am I Orange? Are you Anonthony? I have no idea what claim you are trying to make here either. I'm saying you have no idea what you're talking about.

>Black Butterfly and Macil, on the other hand, can legitimately be called experts in this realm.
Can they now? I don't know about that, then again I've never met either. Are you either? I don't think so, so I don't know what you're talking about.

>Fact is, I said it wasn't necessarily needed and there were other priorities to focus on here, simply that https was, yes, of benefit.
Agreed on the first, and disagree on the second. The only benefit is to protect your IP, and there's no chance someone with the ability to hack and install a listener on the server will not know how to use that ability to also gain access to the MySQL database.

>I'm not sure why you got all butthurt and then tried to devalue the objectively better option.
It's not objectively better because it slightly slows down the site, which is already not the fastest site ever, for no gain.

>But I guess people can decide for themselves. http://en.wikipedia.org/wiki/HTTP_Secure
Not even most coders will be able to use that page to determine anything, let alone people with no idea how tech works. A system administrator is a different field than a coder; are you a system administrator?

>Considering there are plenty of other security flaws and holes here as it is, doesn't look like anyone knows what adds security.
You'd know all about that, of course.
>> No. 160578 ID: 3bb89e
File 140840888343.png - (177.67KB , 384x383 , hmmm.png )
Woah, we're off for another huge argument.

Is this something default fansites have?
Or is this a geek thing that some people do, but is not of dire importance?

Efchan and mlpchan seems to have switched to it and I know my bank has it.

But 4chan and newgrounds seem to not have it?

So
>>160550
Is this an honest serious question?
Or are you just yanking the staff's chain to see how they would respond?

Last edited at Mon, Aug 18th, 2014 17:42

>> No. 160579 ID: 883a8d
>>160578
>Or is this a geek thing that some people do, but is not of dire importance?
That. The chances of a non-private server being hacked and a listener installed are nonexistent, especially considering this is a pony imageboard and not a notable site, and no desirable data is processed on it.

>Or are you just yanking the staff's chain to see what they would respond?
He is, or is otherwise woefully ignorant.

>But 4chan and newgrounds seem to not have it?
Because nobody cares what Anonymous' automatically-generated posting password is.

Last edited at Mon, Aug 18th, 2014 17:52

>> No. 160580 ID: 3bb89e
File 140840967039.png - (250.31KB , 446x430 , oooooh fancy.png )
>>160579
Oh wait, it seems to exist for both those places as well, not by default or so.


Meh, I dunno. If this is something easy to fix, it could be worth it.
>> No. 160581 ID: 18c212
>>160578
I'm screwing around, though it'd be nice to have. And I could've sworn efchan used to be http at one point. I know for a fact that zecora is.

Last edited at Mon, Aug 18th, 2014 18:01

>> No. 160582 ID: 883a8d
File 140841006108.jpg - (20.01KB , 398x335 , 132200419750.jpg )
>>160580
This is because the pages you are viewing do not need them, the same for Newgrounds. They are more than likely only forced in staff login pages, for which I can see the site's need, but again if a person managed to install a listener there, chances are your passwords have already been taken.

If you want, it won't hurt at all to force it in your mod login page, and any password changing page you may have. Other than that...
>> No. 160583 ID: a7fb53
File 140841019032.png - (468.80KB , 970x720 , 133458406315_png.png )
>>160581
HTTP? Me? You must be joking, surely.
>> No. 160584 ID: 18c212
>>160583
http://zecora.efchan.net/ef/
>> No. 160585 ID: 883a8d
File 140841046211.jpg - (59.72KB , 480x526 , 1338041019047.jpg )
>>160584
That looks like a bug more than anything. An absolutely hilarious one at that.

Last edited at Mon, Aug 18th, 2014 18:07

>> No. 160586 ID: 18c212
>>160585
BB said it's intentional that zecora is http. I can't remember what the reason was, though.
>> No. 160587 ID: 883a8d
File 140841101327.gif - (0.97MB , 242x183 , 1338038189638.gif )
>>160586
Sounds interesting. I wonder what her reasons are.
>> No. 160588 ID: 883a8d
File 140841120420.gif - (1.15MB , 320x240 , 132200394372.gif )
>>160587
Actually, what is zecora? It doesn't appear to have any difference. Is it on a different server, perhaps?
>> No. 160589 ID: 18c212
>>160588
The only difference is it's http.
>> No. 160590 ID: 99e5f8
File 140841155135.png - (327.99KB , 772x1034 , dash fear.png )
>>160575
Your post is akin to the owner of a McDonald's storming into the lobby of a nearby KFC ranting about how the customers are unsafe from UV rays because the amateur management refuses to tint the windows.

Fact is, perfect security cannot exist. Complaining about "security" is useless if you can't define a threat model. Security is sometimes expressed as the amount of resources an adversary would have to expend in order to penetrate a system (which can never reach infinity, by the way). Since you get all your domain expertise from wikipedia, feel free to take a break from my post and brush up – http://en.wikipedia.org/wiki/Threat_model and http://en.wikipedia.org/wiki/Computer_security#Vulnerabilities

Quick refresher course for everyone else who doesn't know what you do, TLS provides:
- authentication (security against active attackers, assuming the site's certificate chain checks out)
- encryption (privacy against passive attackers)
This ensures that 1, the desired recipient receives your message, and 2, only the desired recipient receives your message. Since everything posted on an imageboard is public, neither of those are of any relevance.

If you want to intercept someone's data that they provided to our server, you don't need to find a security hole or spoof BGP routes. Instead, simply point your browser to http://www.ponychan.net/chan/.

And if, after digesting that, your threat model is so different than everyone else's here, I'm curious what information ponychan has about you that you're so worried about keeping private~
>> No. 160591 ID: a098c9
>>160576
>Ponychan has considerably more load
I thought the argument was that Ponychan has too much junk in its storage, not load? Oh well.
>is not a dedicated server.
True enough.
>I have no idea what claim you are trying to make here either.
You seemed to be trying to imply that those here had better or more security knowledge. If that's not the case, alright.
>Can they now?
Yes, certainly. Part of BB's job is cybersecurity. That, and working for whatever area of British intelligence she does. Macil's entire area of expertise is cybersecurity (and thus your claim that system administration and coding are "different fields" is somewhat moot; they're different sure, but related.) The guy placed at CSAW, probably the best coder and security guy I've ever talked to. Seem to recall that he found several possible exploits here and gave the administration here heads up about them (one of them a mitm).
>It's not objectively better because it slightly slows down the site, which is already not the fastest site ever, for no gain.
The system itself is objectively better. The fact that the site can't handle it doesn't diminish that system, just the site.
>> No. 160592 ID: 99e5f8
File 140841287366.png - (191.01KB , 557x735 , dash filly star pillow.png )
>>160591
>Seem to recall that he found several possible exploits here and gave the administration here heads up about them (one of them a mitm).
I do remember going back and forth about a possible security bug once (which I of course take seriously), but it turned out to be a red herring. The closest anyone's ever gotten to claiming our security bounty is downloading a 0-byte javascript file. If any real security bugs ever existed at any point in the site's history, tell him to get in touch with me, I have some bitcoins that are rightfully his.

EDIT: same goes for anyone who manages to hijack the internet's infrastructure in order to capture my account password

Last edited at Mon, Aug 18th, 2014 18:51

>> No. 160602 ID: af273c
>>160590
>Your post is akin to the owner of a McDonald's storming into the lobby of a nearby KFC ranting about how the customers are unsafe from UV rays because the amateur management refuses to tint the windows.

Last edited at Mon, Aug 18th, 2014 21:07

>> No. 160613 ID: 8e68fb
File 140842883392.jpg - (47.14KB , 400x578 , 77.jpg )
>>160592
>capture my account password
God damn it
>> No. 160614 ID: e3f87a
>>160586
I think she told me that subdomain being served over HTTP was for compatibility with one user of hers that was running IE 4 which didn't support HTTPS on Windows 95 which didn't support any newer IE versions. (I think Firefox 1.5 supports HTTPS on Windows 95, so I didn't lose much sleep over the fact I made MLPchan HTTPS-only.)

>>160551
The requests themselves could be considered important. Some friends of mine were fans of packet sniffing the college wireless for an amusingly simple show [www.youtube.com]. I didn't quite care for my rampant pony imageboard activity to show up publicly. Then session hijacking of a staff account can be dangerous and was far from a theoretical issue for me (and probably some of my staff too, who I'm sure at least a few have used open wireless networks).

>>160579
>The chances a non-private server to be hacked and a listener installed is nonexistent
HTTPS is for privacy and protection from your local network and upstream, not so much for privacy from the server itself.

>>160592
I believe I told Mithent(?) about these back when he was active to get these all patched before they were ever maliciously exploited. It's been a while, but I don't forget security issues. (I reported some of the applicable issues to the KusabaX developers too, but they were pretty dead.) Sorry if this never made it to you.

* Cross Site Request Forgery vulnerabilities in the site meant that if an attacker got any staff member to browse to a site under their control ("hey check out this funny cat at http://..."), the site could trick the staff member's browser into deleting threads or banning users from Ponychan.
* The watched threads feature could be used by regular users to get info from threads on the staff board.
* A saved thread that a Ponychan staff member shared to some users on someone's request had his site-generated mod password value in a hidden form in the html, which allowed anyone who noticed to use the "Raw HTML" post feature and accomplish XSS attacks to deface the site or collect full staff credentials to log into the administrative panel. A little cheap given that it required a staff member to be tricked for his credentials, but it's a pretty realistic issue given that part actually happened.
* KusabaX's mod password generation was flawed. Even if/after that staff member's account and mod password were revoked after being abused, an attacker could manipulate the mod password to make it valid again and allow them to keep attacking. (This also meant that anyone who ever had staff access in the past could use their old invalid mod password again to own the site.) The mod password was the staff member's username passed through an unauthenticated cipher. Basically XORing part of it against another staff member's username would transform it into a valid mod password for another staff member.
* KusabaX had an SQL injection vulnerability after it decrypted the mod password. This allowed anyone with a mod password that had ever been valid to transform it into a mod password for another staff member without needing to know their username, or execute blind SQL injections to read any value from the database (including post passwords and IP addresses). Here is a full write-up [crashcoherency.net] I made about the above three issues after they were patched here.

If you're serious about a bitcoin bounty, there's an address of mine on the front page of mlpchan.net.

Last edited at Tue, Aug 19th, 2014 02:03
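An added illustration of the mod-password flaw described in the bullet list above (a token that is just a username run through an unauthenticated cipher, so it can be XOR-shifted into another user's token and can never really be revoked), next to the hardened form a maintainer would ship: a keyed HMAC over the username plus a per-account revocation counter. This is example code, not KusabaX's or Ponychan's; the key, keystream construction and usernames are constructed for the demo.

```python
import hashlib
import hmac
from typing import Optional

# Constructed demo key. The keystream below stands in for "an unauthenticated
# cipher" in the thread; it is the same class of construction, not the original.
DEMO_KEY = b"constructed-demo-key"


def _keystream(length: int) -> bytes:
    # Deterministic keystream from SHA-256(KEY || counter), demo only.
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(DEMO_KEY + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def make_unauth_token(username: str) -> bytes:
    """Flawed design: username XOR keystream, with no integrity tag."""
    data = username.encode()
    return bytes(a ^ b for a, b in zip(data, _keystream(len(data))))


def read_unauth_token(token: bytes) -> str:
    """The server decrypts blindly: any byte pattern 'decrypts' to some name."""
    plain = bytes(a ^ b for a, b in zip(token, _keystream(len(token))))
    return plain.decode(errors="replace")


def malleability_check(token: bytes, known: str, target: str) -> str:
    """Reviewer's test for the flaw: XOR a token with (known XOR target) and
    return what the server would read. Equal-length names keep the toy simple."""
    delta = bytes(a ^ b for a, b in zip(known.encode(), target.encode()))
    tampered = bytes(a ^ b for a, b in zip(token, delta))
    return read_unauth_token(tampered)


def make_auth_token(username: str, secret: bytes, revocation: int) -> str:
    """Hardened form: the name travels in the clear (it is not a secret) with an
    HMAC tag over name and revocation counter, so no bit can be changed."""
    msg = f"{username}:{revocation}".encode()
    tag = hmac.new(secret, msg, hashlib.sha256).hexdigest()
    return f"{username}:{revocation}:{tag}"


def verify_auth_token(token: str, secret: bytes,
                      current_revocation: dict) -> Optional[str]:
    """Return the username only if the tag is genuine and the counter is current.
    Bumping an account's counter invalidates every token issued before it."""
    try:
        username, rev_s, tag = token.rsplit(":", 2)
        rev = int(rev_s)
    except ValueError:
        return None
    expected = hmac.new(secret, f"{username}:{rev}".encode(),
                        hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        return None
    if current_revocation.get(username) != rev:  # old token after revocation
        return None
    return username
```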

>> No. 160615 ID: cfb8a4
File 140843654209.png - (211.53KB , 500x380 , [patriotism intensifies].png )
>another chan has a completely arbitrary "feature" of negligible usefulness
>"well why don't we have that too?!?!?!"
>"I clearly know everything about everything and am smarter than you about this"
Like keeping up with the Joneses, whom you would otherwise completely ignore or avoid
>> No. 160616 ID: 44aa04
>>160614
>Then session hijacking of a staff account can be dangerous and was far from a theoretical issue for me (and probably some of my staff too who I'm sure at least a few have used open wireless networks).
Not just a few hours ago I logged onto the mod tools through an open wireless network (at university) to delete some spam. It's certainly possible (although unlikely) someone interested in getting privileged access could figure out a mod's usage patterns and get their credentials.
>> No. 160618 ID: a098c9
>>160615
I don't think you know what the word "arbitrary" means. It's like when people use the word "literally" apart from its actual meaning.
>Arbitrary: based on random choice or personal whim, rather than any reason or system.
Um, there is clearly reason and system for the feature and concept. It's not even a debate. It's whether or not it's needed in this instance; even I said in my very first post it probably wasn't. Panties untwist!
The word you're looking for isn't 'arbitrary' and that just makes you sound butthurt, which I would rather think better of you than that. At best you can say it's a luxury feature not needed in this site's case.
>> No. 160637 ID: cfb8a4
File 140848988730.png - (175.61KB , 253x523 , 140422603447.png )
>>160618
I know what arbitrary means, I kind of worded that wrong. A lot of times the requests are pointless, and based simply on "they have it so we should have it too". And my panties are untwisted as can be.
>> No. 160641 ID: f7f9f1
File 140849620050.jpg - (555.78KB , 851x316 , a-not-thony.jpg )
>>160619
The /gala/ split was one of the best decisions Orange ever made, because of both its initial popular reception, and how it solved most all of /chat/'s problems all in one motion. Panties untwist!
You should probably make another thread if you want to discuss /gala/. I don't know what you think its success has to do with HTTPS support.
>> No. 160652 ID: a7fb53
>inferring inferences anonymously
>> No. 160653 ID: 45db28
File 140849853944.png - (32.26KB , 539x593 , 128694__safe_solo_oc_artist-colon-the+weaver_zebra_ice+pack_question+mark.png )
>>160644
>>160646
>>160650
>>160652

It was already a weird conversation, but it's especially weird with half of it missing.
>> No. 160655 ID: a7fb53
File 140849946787.png - (186.05KB , 569x480 , Kyon 15.png )
>>160653
The deleted posts don't really help much.
>> No. 160656 ID: 45db28
File 140850015043.png - (15.53KB , 565x512 , This is the part where we throw our heads back and laugh_.png )
>>160655

No, not at all. I still have them up because I don't close tabs.
>> No. 160657 ID: 431baf
File 140850092227.png - (194.31KB , 500x1000 , 132691207874.png )
>>160614
Macil pls, stop stealing Ponychan's bitcoins.

>>160614
> A saved thread that a Ponychan staff member shared to some users on someone's request
That was me, I think. Fun times.
>> No. 160658 ID: a7fb53
File 140850192995.png - (167.50KB , 331x386 , Croppedvlcsnap-2012-12-11-15h07m11s117.png )
>>160614
>>160657
Doing that in the first place is a bad idea™ because a thread saved with modtools on would display every post's IP.
>> No. 160659 ID: 431baf
File 140850202116.png - (305.76KB , 863x926 , Cake.png )
>>160658
That is correct. I hope I signed out when I saved that thread, but I honestly can't remember.
>> No. 160660 ID: 82f2ba
>>160614

orng getting btfo
>> No. 160676 ID: c6cef6
File 140852968420.png - (274.65KB , 591x627 , Concerned - The Half-Life and Death of Luna Frohman.png )
>>160657
>>160658
>>160659

I'd done that before too, way back when I finished my first X-COM let's play. Somebody requested that the thread be preserved so I downloaded the whole thing, zipped it up, and uploaded it... took it down the moment I realized that it had everyone's IP in it.
>> No. 160677 ID: a098c9
>>160660
Everyone he responded to getting btfo
> https://crashcoherency.net/
lol how's that for some light reading

Last edited at Wed, Aug 20th, 2014 04:57

>> No. 161526 ID: a098c9
>>160660
>>160614
>>160592
>> No. 161822 ID: a098c9
>>161526
>>160660
>>160614
>>160592
>thread auto-saged
top. kek. >>161674

Last edited at Thu, Sep 25th, 2014 05:02

>> No. 161881 ID: 82f2ba
did macil ever get his bitcoins
>> No. 162185 ID: a098c9
hot colt on colt action
>> No. 162400 ID: a098c9
File 141532770859.gif - (919.89KB , 250x250 , 1415320063673.gif )
>>160592
>>160614
>>161881

Last edited at Thu, Nov 6th, 2014 19:35

>> No. 162445 ID: 6a74e7
locked because necroposting