What's new
Pinball info

Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

had to login again

Neil McRae

Site Supporter
Joined
Jun 5, 2016
Messages
13,720
Location
Surrey
Alias
Neil McRae
something break? I had to login again? do we need a new forum monkey? :D
 

Calimori

Staff member
Joined
Mar 15, 2012
Messages
3,040
Location
Luton, UK
Alias
Calimori
Nothing to worry about but it was the only way to fit the man in the middle proxy to intercept your message.
[emoji6]
 
OP
Neil McRae

Neil McRae

Site Supporter
Joined
Jun 5, 2016
Messages
13,720
Location
Surrey
Alias
Neil McRae
Nothing to worry about but it was the only way to fit the man in the middle proxy to intercept your message.
[emoji6]
well if you've managed to intercept SSL then we all need new forum monkeys!
 

Paul

Staff member
Joined
Oct 5, 2012
Messages
10,009
Location
South Wales
Alias
Toibs
all i did was updated T&C's... shouldnt have foreced a re-login... Just to accept them!! :)
 

Calimori

Staff member
Joined
Mar 15, 2012
Messages
3,040
Location
Luton, UK
Alias
Calimori
well if you've managed to intercept SSL then we all need new forum monkeys!
That is why you install the man in the middle proxy, we terminate the SSL tunnel you established with the server on that, intercept the clear text and manipulate the context if required. We won't be doing that with your posts, just inserting "Looking for a Munsters" into each posts. Then we could re-assert SSL to the back end but as the proxy is on the same server and we control that, we don't need to.
Reading that back, it sounds a bit overly complicated for what we need. Scrap it Paul, we can find another way.

Tapatalk requested I went to the main forum and did ask me to re-auth.
 

M4carp

Site Supporter
Joined
Jan 12, 2019
Messages
3,494
Location
Pembrokeshire
Alias
Lostcause
Recently I was having to log in quite often every day but the last day or so I have been logged in.
 

Andy_B

Site Supporter
Joined
Oct 12, 2014
Messages
431
Location
Worksop, Notts, UK
I couldn't access through Tapatalk until I had logged in and accepted T&Cs on a browser.
No biggie though[emoji16]

Sent from my SM-G960F using Tapatalk
 
OP
Neil McRae

Neil McRae

Site Supporter
Joined
Jun 5, 2016
Messages
13,720
Location
Surrey
Alias
Neil McRae
That is why you install the man in the middle proxy, we terminate the SSL tunnel you established with the server on that, intercept the clear text and manipulate the context if required. We won't be doing that with your posts, just inserting "Looking for a Munsters" into each posts. Then we could re-assert SSL to the back end but as the proxy is on the same server and we control that, we don't need to.
Reading that back, it sounds a bit overly complicated for what we need. Scrap it Paul, we can find another way.

Tapatalk requested I went to the main forum and did ask me to re-auth.

Yeah everyone reading this is thinking; the logo in the corner isn't even resized right and your going to do wut? :rofl:
 

Paul

Staff member
Joined
Oct 5, 2012
Messages
10,009
Location
South Wales
Alias
Toibs
That is why you install the man in the middle proxy, we terminate the SSL tunnel you established with the server on that, intercept the clear text and manipulate the context if required. We won't be doing that with your posts, just inserting "Looking for a Munsters" into each posts. Then we could re-assert SSL to the back end but as the proxy is on the same server and we control that, we don't need to.
Reading that back, it sounds a bit overly complicated for what we need. Scrap it Paul, we can find another way.

Tapatalk requested I went to the main forum and did ask me to re-auth.

Glimmerglass.... ;)
 

Paul

Staff member
Joined
Oct 5, 2012
Messages
10,009
Location
South Wales
Alias
Toibs
oh did you change the T&Cs? I didn't even notice that. Whats new?

Nothing much TBH... Just pulled a few bits together and put some common sense in there...

There is a link to the new Marketplace T&C's (which reminds me i need to put a quick guide together about it).... however nothing major different from whats there already.

Things should be just clear and common sense... as i said in there... really it's just for the less than 5% (Probably 1% more like) that dont understand common ettiquite...
 
OP
Neil McRae

Neil McRae

Site Supporter
Joined
Jun 5, 2016
Messages
13,720
Location
Surrey
Alias
Neil McRae
I agree they you don’t even need to touch the SSL at all. This is why I laugh when fools post using a VPN makes them secure.


Sent from my iPhone using Tapatalk Pro
 

ChrisH

Registered
Joined
Dec 5, 2014
Messages
547
Location
Stroud
Alias
CHR
I agree they you don’t even need to touch the SSL at all. This is why I laugh when fools post using a VPN makes them secure.
As in the people that think using a VPN will allow them to completely hide their activity or make it appear they're originating from somewhere other than where they are?

I've never seen the point as you say (other than to watch IPlayer in the states or something) They are VPNs, but most people are really using them as a proxies (that's the desired behaviour, the fact its over a tunnel is simply the mechanism)

A VPN used for it's proper purpose as in a site to site or point to site tunnel is secure, but of course in that instance you or your company control both ends of the tunnel, and all the encryption

Never bothered with the former, but use the latter all the time, although it's mainly site to Azure VPNs these days, not the true site to site or road-warrior Anyconnect/TGB clients of yesteryear.
 

Calimori

Staff member
Joined
Mar 15, 2012
Messages
3,040
Location
Luton, UK
Alias
Calimori
The onion router did aim to give you some anonymity so that the internet routers and your ISP couldn’t see what you were browsing. Packet shaping and other techniques were becoming an annoyance for some adult activities...
We all know what the internet is really for.

We spent silly money on tools to detect VPN’s and our SOC actively look for them as we have strict rules on where you can connect from.
But we have people renting London properties with hosted Wi-fi which is a security pain. Plus staff who’s budget ISP are giving them IP’s in real time black hole lists using a VPN to solve their local problem.
I had one guy appearing to be logging in from one country in the morning and another in the afternoon. Gives the SOC something to do.

Device to site VPN’s allow roving laptop warriors to use hotel Wi-fi with less risks of which ones might be insecure. We might finally sort this one out since COVID changed our working behaviour.
 

cyberkryten

Site Supporter
Joined
Jul 18, 2017
Messages
356
Location
Wiltshire
Alias
Martyn
The point is that unless you control both ends of the VPN, you are simply changing in whom you are putting your trust. The VPN provider can then see everything you do, which is great if they are secure and not using that data for their own analysis/monetisation.

As for TOR, you are putting your trusting in random, anonymous people on the internet, so um, good luck with that!

In any case, your web traffic still has to get from the VPN provider to the target site, so if that isn't encrypted then it is still fair game anyway.


You need to be very clear about what you are trying to do before selecting any cloaking/obfuscation solution, and unless you really know what you're doing and spending a lot of money on achieving it then it probably won't provide the solution you're looking for anyway.
 
Top Bottom