Is it just me?

Joined
Apr 3, 2007
Messages
2,012
Kristi is looking into it.

sal
Hi Sal,

I saw Kristi's note that SSL is being disabled. Please note that by doing this all traffic through forums is unencrypted, INCLUDING PII(personal identifiable info) and sensitive data i.e. username, email and password. You should add in your notice that until the SSL issue is fixed, the forums user should not attempt to login to their account, or perform any action that would send sensitive/personal info through the site. This is important as your company could be subjected to a lot of liabilities because this is considered a data breach.
 
Joined
Mar 7, 2001
Messages
4,608
While I agree that giving warning is educational and better be there, anyone sending sensitive information without SSL is doing so at own’s risk. It has been always a good health check on the security before doing so.
 
Joined
Apr 3, 2007
Messages
2,012
While I agree that giving warning is educational and better be there, anyone sending sensitive information without SSL is doing so at own’s risk. It has been always a good health check on the security before doing so.
A large percentage of population(maybe 99+%) doesn't even know about this though, so it's generally a good advise even if it serves to educate people more on basic security to protect their info. While not really applicable to the forums, the main www site is an ecommerce site and if they are taking credit card transaction, they need to be PCI compliant. This would be considered a breach if the same issue would happen on their ecommerce site, which some forum users may also use.
 
Joined
Mar 7, 2001
Messages
4,608
A large percentage of population(maybe 99+%) doesn't even know about this though, so it's generally a good advise even if it serves to educate people more on basic security to protect their info. While not really applicable to the forums, the main www site is an ecommerce site and if they are taking credit card transaction, they need to be PCI compliant. This would be considered a breach if the same issue would happen on their ecommerce site, which some forum users may also use.

The main site is not affected. It seems we’re looking at it from different angles but actually we’re in agreement. ;)

Can anyone get on the forum yet? I can’t. It’s been days.

Yes, if you can live without SSL for time being.
 

sgt1372

Platinum Member
Joined
Oct 16, 2018
Messages
2,587
Got into the forum site yesterday and today using Windows 7 w/Firefox.

However, when I enter my password, I do get a popup telling me that the site is NOT secure. Get a the lock w/a slash through it in the web address which confirms this. On the other hand, the main Spyderco website (where you can place an order for knives) is not so affected. I do not get a "not secure" warning and the there's a little green lock (w/o a slash) shown next to the web address for that.

So, the sites apparently operate separately even though they use the same username and password for both.
 
Last edited:

attila.

Gold Member
Joined
Oct 7, 2012
Messages
273
Yup. I kinda like not having the forum available for a while. I haven't been worried about missing a sprint announcement.
 
Joined
Jun 10, 2013
Messages
38
Is there a work around to see it? Using a browser that lets you view it without SSL? Or is there no traffic anyway because most people aren't able to get in?
 
Joined
Jun 30, 2005
Messages
4,158
Well I went to log in and password was incorrect. Tried a few variations I use - all incorrect. So I decide to say screw it and reset my password. Hit reset, yet I am not receiving an email to reset it. Nothing in the inbox, nothing in the spam folder, so I am unable to log in.
 
Top