site certificate expired?

[YinTx]

Just wondering if the security flag on my laptop is accurate and lw.net's security certificate is expired, today, Sunday 2/23/2020 at 5:59pm, or if I have an issue?  Thanks,

YinTx

[PL01]

I have the same issue, so it's not just you.

[TomWisc]

Me too

[fredk]

me too.

my browser was telling me that the site was under attack from hacking. I PM'd Joanna about it but I've not heard back yet

[Northmount]

The hosting service was supposed to automatically replace the certificate, but failed to.  And it's a weekend with little or no support!  Always the way it goes, right?

Tom

 

[Snakeoil]

For the past two days, when I try to come to this site, I get the following warning:

There is a problem with this website’s security certificate.
	The security certificate presented by this website has expired or is not yet valid.   Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.

Rob

[Northmount]

It is being worked on.  The hosting site was supposed to automatically update the security certificate, but it didn't, and of course it happens on the weekend when there is even less support.

Tom

 

[mikesc]

Been seeing the same..suggest using
https://letsencrypt.org/
Free..and auto-renews at 90 day intervals..

Edited February 24, 2020 by mikesc

[mikesc]

Been seeing the same..suggest using
https://letsencrypt.org/
Free..and auto-renews at 90 day intervals..

[Hardrada]

Just add a security exception. That's what I just did.

[mikesc]

Yes that is easy..But..that means that the connection is unsecured..and many will "back out" and go elsewhere..
You have to hit "advanced" to know that is just an expired cert..Non tech people just get frightened that the site may have been hacked and back out.
Plus..when you ( the website owner/ webmaster ) pay for an "extended cert"..( around $200.00 to $300.00 per year you expect to get renewals taken care of..
Hence my suggestion to use letsencrypt..keeps everyone encrypted..and doesn't get affected by weekends, or hosters who forget to set up the cron job.

Edited February 24, 2020 by mikesc

[Riem]

Phew! So it wasn't anything I did... Right, will add the exception and pretend I wasn't... frightened. Yeah, I wasn't.

[Hardrada]

2 hours ago, mikesc said:

Yes that is easy..But..that means that the connection is unsecured..and many will "back out" and go elsewhere..
You have to hit "advanced" to know that is just an expired cert..Non tech people just get frightened that the site may have been hacked and back out.
Plus..when you ( the website owner/ webmaster ) pay for an "extended cert"..( around $200.00 to $300.00 per year you expect to get renewals taken care of..
Hence my suggestion to use letsencrypt..keeps everyone encrypted..and doesn't get affected by weekends, or hosters who forget to set up the cron job.

Well, I think you've just given them non-techies a crash course on how to add the exception.

Visitors might back out, but regulars know this site and know it's trustworthy. An internaut should be keen enough to take control of his browsing and not depend entirely on automated software to browse the web. Software features can be useful and handy, but it's the user who has to do the thinking, not the machine.

Personally, I am highly suspicious of any "free" things, specially in matters of security. There's no such thing as a free lunch: coding, providing, and maintaining services and hosting them costs money: when something it's 'free' YOU are the product.

Edited February 24, 2020 by Hardrada

[mikesc]

letsencrypt is truly FREE..no strings..no catches..
I've been doing this ( "internetish" stuff , coding ( since fortran, COBOL, et al ) for over 5 decades..and I'm not the only one here..

Nope..in this case ..""you" are not the product""..it is like FOSS..just like the linux and / BSD that all my web-facing machines run.

An internaut should be keen enough to take control of his browsing and not depend entirely on automated software to browse the web.

You never heard of the "facebook /twitter / android/ iphone generation" ? ..In which case ...Bless :)
You really think "they" know what the shiney does..and why.. or care..they jus wannit now..ferfree..nfast..ortheylbitch on twitter or facebook aboutit..

If this site had to depend on only "the regulars"..J would have had to "fold it" a long time ago* ( ..before you, or I had found it, or had the chance to find it, the site hosting is not cheap, nor is the forum software..so we would not have found it**.. :) capiche ?

The blue under the "nicks" helps..as do the entirely unpaid mod team and friends.

*I know how much the site hosting costs..and the hassle of running a non pre moderated UGC site..
Or continue to do like many of us do..
Run sites** "just because"..

I run some purely informative sites ( no ads , no aff stuff at all " just because"..the same reason as why I stop for people with a flat tire/ tyre, or because they have their thumb up at the side of the road..

And some others with ads..and some others pure commercial..and some others pure "portfolio"..

The list of posters here that I can think of who post "just because"..abhandmade, Constabulary, Jimi, Eric, RockyAussie..the list would go on and on and on ( apologies to all those whom I have left off ) and on..posting to help, not for any ulterior motive ..

Most posters here ..in addition to the above..seem to think the same way..

Edited February 24, 2020 by mikesc

[Johanna]

I set the SSL cert to auto renew, got an email saying that the renewal was coming up and all would be well, and the certificate expired.  Meanwhile you are correct. LW doesn’t represent a security threat no matter what. It will not steal your info or do much more than try to remember what you already read, which is pretty much all we use cookies for. Mike that’s a lot of info. I need to read and then I will have questions, as usual! Thanks everyone for your patience and support. 

[mikesc]

J..as always ..you are more than welcome :)..

[Hardrada]

42 minutes ago, mikesc said:

letsencrypt is truly FREE..no strings..no catches..
I've been doing this ( "internetish" stuff , coding ( since fortran, COBOL, et al ) for over 5 decades..and I'm not the only one here..

Nope..in this case ..""you" are not the product""..it is like FOSS..just like the linux and / BSD that all my web-facing machines run.

 

 

 

 

You never heard of the "facebook /twitter / android/ iphone generation" ? ..In which case ...Bless
You really think "they" know what the shiney does..and why.. or care..they jus wannit now..ferfree..nfast..ortheylbitch on twitter or facebook aboutit..

If this site had to depend on only "the regulars"..J would have had to "fold it" a long time ago* ( ..before you, or I had found it, or had the chance to find it, the site hosting is not cheap, nor is the forum software..so we would not have found it**.. capiche ?

The blue under the "nicks" helps..as do the entirely unpaid mod team and friends.

*I know how much the site hosting costs..and the hassle of running a non pre moderated UGC site..
Or continue to do like many of us do..
Run sites** "just because"..

I run some purely informative sites ( no ads , no aff stuff at all " just because"..the same reason as why I stop for people with a flat tire/ tyre, or because they have their thumb up at the side of the road..

And some others with ads..and some others pure commercial..and some others pure "portfolio"..

The list of posters here that I can think of who post "just because"..abhandmade, Constabulary, Jimi, Eric, RockyAussie..the list would go on and on and on ( apologies to all those whom I have left off ) and on..posting to help, not for any ulterior motive ..

Most posters here ..in addition to the above..seem to think the same way..

My stance remains the same. You're not the only one with IT experience. I used to own a computer shop and worked as bench technician for years. During the latter I saw way too many computers infected with all kinds of malware because the users were like zombies clicking willy nilly on 'warnings' about fictional problems because they WERE NOT THINKING, but just going through the motions like automatons, thinking that their AV programs would be impregnable barriers.

I also run my own site, which made me aware that many 'free' SSL certificates were fronts for Chinese data mining. Not saying your recommendation is, but I know there are many out there netting you more than you bargained for.

Yes, I've heard and watched the Fakebook/S'witter/Azzdroid/crApple generation and what I've seen makes me believe in my stance even more.

Anyway, we need not have a shootout here over minutiae, but I do consider a public service to warn people of the dangers of the Culture of the Free, same as you consider recommending security software a public service as well. In the end, it's them users who have to make a THOUGHTFULL decision about what to load onto their systems.

Edited February 24, 2020 by Hardrada

[mikesc]

You're not the only one with IT experience

You'll note that in my post above , I specifically said that I was not "the only one"..

I also run my own site, which made me aware that many 'free' SSL certificates were fronts for Chinese data mining.

If you seriously think that letsencrypt ( you have seen who is behind it ? ) is remotely like any "free SSL cert for Chinese data mining"..you might want to drop your biases and do some research outside of FOX et ..

Running a website ( singular ) and repairing computers in a computer shop ( self owned or salaried ) and as "bench technician" does not an IT expert one make..
But , I'll grant you ..you have probably seen more Win(x) infections that I have ( since MS released Win10..at which point after being on the "inside track" and seeing where the spyware was going I removed it from all webfacing boxen, and no longer support / fix win 10 machines ) ..knowing how / why they ( malware ) work and being able to write them ( for various OS systems ) is another matter. :)



You only ever help anyone for money..never out of just plain helpfulness ..?

Most of the world's major websites and IT systems run ( and have run for the past 3 to 4 decades ) on FOSS..Windows and or Mac ( Apple ) systems are only dominant on the desktop machines /systems that come preloaded with retail purchased computers..or due to "Office" and "Adobe" products et al..

Android / Apple / IOS are merely the latest versions of ( using variants of what was originally FOSS ) and slathering layers of code obfuscation onto it in order to make a more "locked down environment"..which of course comes with "stores" which take a large percentage of any monies that the actual coders would like for their apps.

If users knew what they had on their systems..and sanitised them..the ad clicking ( knowingly or via their infected ad clicking OSs ) internet would come to a halt overnight as all the bot nets would wither and die..Not to mention all those ads that the advertisers pay for that are displayed ( paid for display ads run by G and other ad networks ) coded to be so far out of the view screen area that they may aswel be in another universe ) Google would lose 90% of it's valuation and ad agency customers ( who buy the ad slots on Google for their befuddled customers ) overnight would lose 99% of their customers..

Users do not "think"..ads and the internet driven by ads ( and the ad industry ) does not want them to think..it wants them to use their "lizard brain"..the part that does things for reasons that they have no idea about ..it wants them to react..it knows that they are driven by basic "lizard brain" drives..

I was also involved in the "ad industry" for many years..you'd be amazed / horrified how easy it is to manipulate the lizard brain in humans..the internet just extended / expanded "our/ their" reach and influence in all areas, commercial, political etc ..massively..

Edited February 25, 2020 by mikesc

[Bert51]

mikesc, i still remember when my company IT department thought my skills needed updating and sent me to learn DOS 4.0.

I was happy to get away from zero's and one's.

Bert.

[mikesc]

Hah :)) ..another with memories of a 3 button keyboard..( 0.1.enter..space key being a luxury ) :)
Shoe boxen of punch cards ..which, after the 1st "drop" had a diagonal stripe along the card backs and sequentially numbered cards..and having to wait over a week ( while the machine that we were allocated some time on ran what we had programmed ) to see if we had made any mistakes..
Guy who taught me remembered doing it all with diodes, light bulbs and wires etc..

Speaking of some of those who taught us and those who led the way etc ..we post upon the shoulders of the greats and the giants..

Katherine Johnson
and
Larry Tesler

[MikeRock]

Oh NO, Not the 'dropped boxen'......  yup, and more than a shoebox full.....  and it was windy between the Chem E. building and the Computer room...  IBM 1620.   Fortran 3.   Fun times.   And yes, the diagonal stripes saved the day pretty much. 

Memories!   We used to keep our horses over at the county fair buildings all  through the class year.  One time a grad student from Oklahoma put up a poster of a horses butt and some comment........well, next morning it seems the horse had taken exception to something and crapped all over said student's desk!!  Load of road apples and he was not happy :((

 

Thanks for the shout out about Katherine Johnson.   Number cruncher non pareil.

Edited February 25, 2020 by MikeRock

[Bert51]

After I did the course we got our first real keyboard and an IBM interface to the main frame.

Heady times.

Bert.

[fredk]

I know nowt about programming but I do remember when the local community newspaper I worked for got its first computer. It had a 6 inch screen. Everything we typed in was white on a black screen. Then we had to type in a load of commands to make it print out. One mistake and you had to type all those commands in again. Stupid thing was the bosses said everything had to be typed in and printed out, proof read, then sent to the printers who typed it into their printing computer. Up to then we just wrote it all on paper and sent it over. A lot of kerfuffle wasting time so it was.

[billybopp]

Oh yeah.   Dropped cards were the stuff of nightmares.  One day, the boss brought in his daughter who was 4 or 5 or so at the time decided that it might be fun to pull out the drawers and use them like stairs to climb.  Thankfully she was uninjured when the whole cabinet tipped over spilling most of its contents on the computer room floor.   We were also fortunate that that particular cabinet had mostly end-of-month/year programs in it and not the daily processing!  Sometimes you get lucky.

- Bill

[Vikefan]

Same issue a few days ago, and again today.  Expired Cert...

Vikefan