Rocksolid Light

Welcome to RetroBBS

mail  files  register  newsreader  groups  login

Message-ID:  

If at first you don't succeed, you must be a programmer.

computers / alt.comp.software.firefox / Warning: Potential Security Risk Ahead

SubjectAuthor
* Warning: Potential Security Risk Aheademfril
+* Warning: Potential Security Risk AheadAndy Burns
|`- Warning: Potential Security Risk AheadAndy Burns
+- Warning: Potential Security Risk AheadVanguardLH
`- Warning: Potential Security Risk AheadJörg_Lorenz

1
Warning: Potential Security Risk Ahead

<ummkig$b2o$1@nnrp.usenet.blueworldhosting.com>

  copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2071&group=alt.comp.software.firefox#2071

  copy link   Newsgroups: alt.comp.software.firefox
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!panix!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!nnrp.usenet.blueworldhosting.com!.POSTED!not-for-mail
From: emfril@gmail.com (emfril)
Newsgroups: alt.comp.software.firefox
Subject: Warning: Potential Security Risk Ahead
Date: Fri, 29 Dec 2023 09:19:58 -0500
Organization: BWH Usenet (https://usenet.blueworldhosting.com)
Message-ID: <ummkig$b2o$1@nnrp.usenet.blueworldhosting.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Fri, 29 Dec 2023 14:20:00 -0000 (UTC)
Injection-Info: nnrp.usenet.blueworldhosting.com;
logging-data="11352"; mail-complaints-to="usenet@blueworldhosting.com"
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:spnMuYdZtPZMdST+u3mOge5/dCE= sha256:Sw8RMf2SIng/uYxngaRNJObMYrjkHUaN0UMtmJX3cjU=
sha1:4ITZJ2Xi8RuhA+jnwQLUgb8lrU8= sha256:s8gIsuKgZBQ82ImiNmSX1LR5S+hVQ5+nkr4GLODZuM4=
Content-Language: en-US, el
 by: emfril - Fri, 29 Dec 2023 14:19 UTC

When I click:

https://www.stixoi.info/stixoi.php?info=Lyrics&act=details&song_id=54462&hl=%CE%BA%CE%B1%CF%88%CE%BF%CF%8D%CF%81%CE%B7%CF%82

I get:

Warning: Potential Security Risk Ahead ...

However I opened the page in Chrome and I do not see any problem
with the webpage. What's going on?
--
It ain't THAT, babe! — A radical reinterpretation
https://emf.neocities.org/bd/itaintmebabe.html

Re: Warning: Potential Security Risk Ahead

<kv843pFca4mU4@mid.individual.net>

  copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2073&group=alt.comp.software.firefox#2073

  copy link   Newsgroups: alt.comp.software.firefox
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: usenet@andyburns.uk (Andy Burns)
Newsgroups: alt.comp.software.firefox
Subject: Re: Warning: Potential Security Risk Ahead
Date: Fri, 29 Dec 2023 14:40:55 +0000
Lines: 23
Message-ID: <kv843pFca4mU4@mid.individual.net>
References: <ummkig$b2o$1@nnrp.usenet.blueworldhosting.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Trace: individual.net 8rUSjMsyh5YBVzR5cIT36Qg57KZ76DE6HgHg9Oocm5XG6HhLB/
Cancel-Lock: sha1:CA41kzh4k6YhA+zTW75VDfPmZ0M= sha256:DwnpgD5PxFnbHZmf6mWRcruSwHcWhD3X3eGbv3iQfFQ=
User-Agent: Mozilla Thunderbird
Content-Language: en-GB
In-Reply-To: <ummkig$b2o$1@nnrp.usenet.blueworldhosting.com>
 by: Andy Burns - Fri, 29 Dec 2023 14:40 UTC

emfril wrote:

> When I click:
>
> https://www.stixoi.info/stixoi.php?info=Lyrics&act=details&song_id=54462&hl=%CE%BA%CE%B1%CF%88%CE%BF%CF%8D%CF%81%CE%B7%CF%82
>
> I get:
>
>   Warning: Potential Security Risk Ahead ...
>
> However I opened the page in Chrome and I do not see any problem with
> the webpage. What's going on?

the certificate is for "stixio.info" but the hostname in the URL is
"www.stixoi.info"

the owner could fix it by getting a wilcard or subject alternate name
certificate, or you can avoid the problem by visiting

<https://stixoi.info/stixoi.php?info=Lyrics&act=details&song_id=54462&hl=%CE%BA%CE%B1%CF%88%CE%BF%CF%8D%CF%81%CE%B7%CF%82>

Somehow chrome is automatically dropping the www. part, so it doesn't
give an error, sorry but I can't really be bothered to understand how/why

Re: Warning: Potential Security Risk Ahead

<kv84nuFca4nU1@mid.individual.net>

  copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2074&group=alt.comp.software.firefox#2074

  copy link   Newsgroups: alt.comp.software.firefox
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: usenet@andyburns.uk (Andy Burns)
Newsgroups: alt.comp.software.firefox
Subject: Re: Warning: Potential Security Risk Ahead
Date: Fri, 29 Dec 2023 14:51:40 +0000
Lines: 9
Message-ID: <kv84nuFca4nU1@mid.individual.net>
References: <ummkig$b2o$1@nnrp.usenet.blueworldhosting.com>
<kv843pFca4mU4@mid.individual.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net oa/KEbxNe446ss5ybdBV0QDeTkSNuMlkz1PsIgP3O2uClL3iuO
Cancel-Lock: sha1:ou9yiUBHQTAVRYFXGnLNnc6d3H0= sha256:f6ABjdGriNpcJWRu2PSIsGwcuUTdwa2FfXCiEbjJANQ=
User-Agent: Mozilla Thunderbird
Content-Language: en-GB
In-Reply-To: <kv843pFca4mU4@mid.individual.net>
 by: Andy Burns - Fri, 29 Dec 2023 14:51 UTC

Andy Burns wrote:

> the certificate is for "stixio.info"
^^^
typo on my part

> but the hostname in the URL is "www.stixoi.info"

Re: Warning: Potential Security Risk Ahead

<1denkji0u3o8v.dlg@v.nguard.lh>

  copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2075&group=alt.comp.software.firefox#2075

  copy link   Newsgroups: alt.comp.software.firefox
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: V@nguard.LH (VanguardLH)
Newsgroups: alt.comp.software.firefox
Subject: Re: Warning: Potential Security Risk Ahead
Date: Fri, 29 Dec 2023 10:21:29 -0600
Organization: Usenet Elder
Lines: 49
Sender: V@nguard.LH
Message-ID: <1denkji0u3o8v.dlg@v.nguard.lh>
References: <ummkig$b2o$1@nnrp.usenet.blueworldhosting.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net pCT6j5zF0Z99U7LFzcUZJQwxI8B0eG28rXjmAhKMK+d5wlP838
Keywords: VanguardLH,VLH
Cancel-Lock: sha1:+44ZXo35Ez2NvuZp5oRiRfVy5Ig= sha256:nz+4+KjNTQePtE0zSfmxNeeikpJK/RdIzwSPq71vBlM=
User-Agent: 40tude_Dialog/2.0.15.41
 by: VanguardLH - Fri, 29 Dec 2023 16:21 UTC

emfril <emfril@gmail.com> wrote:

> When I click:
>
> https://www.stixoi.info/stixoi.php?info=Lyrics&act=details&song_id=54462&hl=%CE%BA%CE%B1%CF%88%CE%BF%CF%8D%CF%81%CE%B7%CF%82
>
> I get:
>
> Warning: Potential Security Risk Ahead ...
>
> However I opened the page in Chrome and I do not see any problem
> with the webpage. What's going on?

Google is not as picky as Mozilla regarding validity of site
certificates.

When I go there using Firefox, the message is "uses a certificate that
is not valid for www.stixoi.info" and "Error code:
SSL_ERROR_BAD_CERT_DOMAIN". There are several reasons for this, the
obvious one being the cert was registered for one domain, but the site
tried to use the same cert at another of their domains. Some will try
to get multi-site certs, but the cert is not properly defined.

If you want to get more info than you can understand, you can enter a
site's URL at ssllabs.com to get their full analysis of a site's cert.
With all the testing they do, could be several minutes before their
testing completes.

https://www.ssllabs.com/ssltest/analyze.html?d=www.stixoi.info

That one came back rather fast reporting:

Certificate name mismatch.

One cert (Firefox shows a chain of 3 certs), was for audits.opekepe.eu.
Well, that comes no where close to stixoi.info. I elected to ignore the
obvious domain mismatch, and have ssllabs do the rest of the tests.
Rather than go into all their analysis, the testing shows their cert is
mostly okay, but has the obvious domain mismatch in the cert.

That Google permits connecting to the site despite all the crap wrong
with the site cert shows just how sloppy is Google checking of certs.

If you want to help the site, contact their site admin to report a
domain mismatch in their site cert: audits.opekepe.eu is an obvious
mismatch, but so is "stixio.info" when the site you are visiting is
"www.stixio.info". As Andy pointed out, they got the wrong cert, and
should've gotten one for their domain instead of a particular host.
They have to fix it on their end.

Re: Warning: Potential Security Risk Ahead

<ummv56$tdmk$1@dont-email.me>

  copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2077&group=alt.comp.software.firefox#2077

  copy link   Newsgroups: alt.comp.software.firefox
Path: i2pn2.org!i2pn.org!news.1d4.us!usenet.goja.nl.eu.org!weretis.net!feeder8.news.weretis.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: hugybear@gmx.net (Jörg Lorenz)
Newsgroups: alt.comp.software.firefox
Subject: Re: Warning: Potential Security Risk Ahead
Date: Fri, 29 Dec 2023 18:20:38 +0100
Organization: Camembert Normand au Lait Cru
Lines: 27
Message-ID: <ummv56$tdmk$1@dont-email.me>
References: <ummkig$b2o$1@nnrp.usenet.blueworldhosting.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Fri, 29 Dec 2023 17:20:38 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="20485005dab43761cefbe01195fa2f5f";
logging-data="964308"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+wl5mzL0+yH/oQMvAmOLiMFNDWS69oYAc="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:115.0)
Gecko/20100101 Thunderbird/115.6.0
Cancel-Lock: sha1:4K07rzb1YnkPVeUeKC4fbmd9mHE=
In-Reply-To: <ummkig$b2o$1@nnrp.usenet.blueworldhosting.com>
Content-Language: de-CH
 by: Jörg Lorenz - Fri, 29 Dec 2023 17:20 UTC

Am 29.12.23 um 15:19 schrieb emfril:
> When I click:
>
> https://www.stixoi.info/stixoi.php?info=Lyrics&act=details&song_id=54462&hl=%CE%BA%CE%B1%CF%88%CE%BF%CF%8D%CF%81%CE%B7%CF%82
>
> I get:
>
> Warning: Potential Security Risk Ahead ...
>
> However I opened the page in Chrome and I do not see any problem
> with the webpage. What's going on?

Websites bestätigen ihre Identität mittels Zertifikaten. Firefox
vertraut dieser Website nicht, weil das von der Website verwendete
Zertifikat nicht für www.stixoi.info gilt. Das Zertifikat ist nur gültig
für stixoi.info.

Fehlercode: SSL_ERROR_BAD_CERT_DOMAIN

Zertifikat anzeigen

I would suggest not to visit this webpage. They have a serious securitiy
issue. It speaks against Chrome that it shows the page without any warning.

--
"Gutta cavat lapidem." (Ovid)

computers / alt.comp.software.firefox / Warning: Potential Security Risk Ahead

1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor