What's new
Pinball info

Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

had to login again

  • Thread starter Deleted member 2463
  • Start date
D

Deleted member 2463

something break? I had to login again? do we need a new forum monkey? :D
 
Nothing to worry about but it was the only way to fit the man in the middle proxy to intercept your message.
[emoji6]
 
Nothing to worry about but it was the only way to fit the man in the middle proxy to intercept your message.
[emoji6]
well if you've managed to intercept SSL then we all need new forum monkeys!
 
all i did was updated T&C's... shouldnt have foreced a re-login... Just to accept them!! :)
 
well if you've managed to intercept SSL then we all need new forum monkeys!
That is why you install the man in the middle proxy, we terminate the SSL tunnel you established with the server on that, intercept the clear text and manipulate the context if required. We won't be doing that with your posts, just inserting "Looking for a Munsters" into each posts. Then we could re-assert SSL to the back end but as the proxy is on the same server and we control that, we don't need to.
Reading that back, it sounds a bit overly complicated for what we need. Scrap it Paul, we can find another way.

Tapatalk requested I went to the main forum and did ask me to re-auth.
 
Recently I was having to log in quite often every day but the last day or so I have been logged in.
 
I couldn't access through Tapatalk until I had logged in and accepted T&Cs on a browser.
No biggie though[emoji16]

Sent from my SM-G960F using Tapatalk
 
That is why you install the man in the middle proxy, we terminate the SSL tunnel you established with the server on that, intercept the clear text and manipulate the context if required. We won't be doing that with your posts, just inserting "Looking for a Munsters" into each posts. Then we could re-assert SSL to the back end but as the proxy is on the same server and we control that, we don't need to.
Reading that back, it sounds a bit overly complicated for what we need. Scrap it Paul, we can find another way.

Tapatalk requested I went to the main forum and did ask me to re-auth.

Yeah everyone reading this is thinking; the logo in the corner isn't even resized right and your going to do wut? :rofl:
 
oh did you change the T&Cs? I didn't even notice that. Whats new?
 
That is why you install the man in the middle proxy, we terminate the SSL tunnel you established with the server on that, intercept the clear text and manipulate the context if required. We won't be doing that with your posts, just inserting "Looking for a Munsters" into each posts. Then we could re-assert SSL to the back end but as the proxy is on the same server and we control that, we don't need to.
Reading that back, it sounds a bit overly complicated for what we need. Scrap it Paul, we can find another way.

Tapatalk requested I went to the main forum and did ask me to re-auth.

Glimmerglass.... ;)
 
oh did you change the T&Cs? I didn't even notice that. Whats new?

Nothing much TBH... Just pulled a few bits together and put some common sense in there...

There is a link to the new Marketplace T&C's (which reminds me i need to put a quick guide together about it).... however nothing major different from whats there already.

Things should be just clear and common sense... as i said in there... really it's just for the less than 5% (Probably 1% more like) that dont understand common ettiquite...
 
I agree they you don’t even need to touch the SSL at all. This is why I laugh when fools post using a VPN makes them secure.


Sent from my iPhone using Tapatalk Pro
 
I agree they you don’t even need to touch the SSL at all. This is why I laugh when fools post using a VPN makes them secure.
As in the people that think using a VPN will allow them to completely hide their activity or make it appear they're originating from somewhere other than where they are?

I've never seen the point as you say (other than to watch IPlayer in the states or something) They are VPNs, but most people are really using them as a proxies (that's the desired behaviour, the fact its over a tunnel is simply the mechanism)

A VPN used for it's proper purpose as in a site to site or point to site tunnel is secure, but of course in that instance you or your company control both ends of the tunnel, and all the encryption

Never bothered with the former, but use the latter all the time, although it's mainly site to Azure VPNs these days, not the true site to site or road-warrior Anyconnect/TGB clients of yesteryear.
 
The onion router did aim to give you some anonymity so that the internet routers and your ISP couldn’t see what you were browsing. Packet shaping and other techniques were becoming an annoyance for some adult activities...
We all know what the internet is really for.

We spent silly money on tools to detect VPN’s and our SOC actively look for them as we have strict rules on where you can connect from.
But we have people renting London properties with hosted Wi-fi which is a security pain. Plus staff who’s budget ISP are giving them IP’s in real time black hole lists using a VPN to solve their local problem.
I had one guy appearing to be logging in from one country in the morning and another in the afternoon. Gives the SOC something to do.

Device to site VPN’s allow roving laptop warriors to use hotel Wi-fi with less risks of which ones might be insecure. We might finally sort this one out since COVID changed our working behaviour.
 
The point is that unless you control both ends of the VPN, you are simply changing in whom you are putting your trust. The VPN provider can then see everything you do, which is great if they are secure and not using that data for their own analysis/monetisation.

As for TOR, you are putting your trusting in random, anonymous people on the internet, so um, good luck with that!

In any case, your web traffic still has to get from the VPN provider to the target site, so if that isn't encrypted then it is still fair game anyway.


You need to be very clear about what you are trying to do before selecting any cloaking/obfuscation solution, and unless you really know what you're doing and spending a lot of money on achieving it then it probably won't provide the solution you're looking for anyway.
 
Back
Top Bottom