Scratch
archived forums
#1 2012-06-12 17:54:31
HTTPS on this website
I was reading another thread about what would happen if someone got hacked, and then realized someone could use a packet sniffer.
To prevent this, this website should allow HTTPS connections. These days, I know SSL certificates are pretty cheap (as low as $9/year).
This would effectively prevent an attack of that nature, and prevent people from eavesdropping on the connection and stealing information such as passwords.
Goodbye, Scratch 1.4
Hello Scratch 2.0! 
Offline
#2 2012-06-12 20:05:52
Re: HTTPS on this website
I thought they were more expensive for certificates.
I support the Free Software Foundation. Protect our digital rights!
Offline
#3 2012-06-12 20:10:28
Re: HTTPS on this website
bobbybee wrote:
I thought they were more expensive for certificates.
I get mine from PositiveSSL through NameCheap (I get a discount when I bundle it with a domain).
However, to get one from a better-known company such as VeriSign, it costs about $500.
Goodbye, Scratch 1.4
Hello Scratch 2.0! Offline
#4 2012-06-12 22:03:21
Re: HTTPS on this website
the scratch website is on a pretty secure server, and all SSL does is verify who it's from, (which is pretty odvious: mit.edu), and secure the server a tiny bit more. However, this could be quite reassuring to a vast majority of people so I support.
Eternity Tasks has launched into Alpha One!
Offline
#5 2012-06-12 22:04:54
Re: HTTPS on this website
XenoK wrote:
the scratch website is on a pretty secure server, and all SSL does is verify who it's from, (which is pretty odvious: mit.edu), and secure the server a tiny bit more. However, this could be quite reassuring to a vast majority of people so I support.
SSL encrypts the connection too.
Currently, data is sent unencrypted, and that is a problem as it can be intercepted.
Goodbye, Scratch 1.4
Hello Scratch 2.0! Offline
#8 2012-06-12 22:18:25
Re: HTTPS on this website
we're also talking a children's website that people are strongly discouraged from revealing private information, and most of the time when people say that they were hacked, it was merely a matter of guessing the password.
Eternity Tasks has launched into Alpha One!
Offline
#9 2012-06-12 22:19:52
Re: HTTPS on this website
However, there are some jerks that intercept communications to get passwords (usually they are targeting a specific person and are going to mess with their account on Scratch).
If they got HTTPS, this would be near impossible, while now, it is fairly easy.
Goodbye, Scratch 1.4
Hello Scratch 2.0! Offline
#10 2012-06-12 22:26:41
Re: HTTPS on this website
jvvg wrote:
However, there are some jerks that intercept communications to get passwords (usually they are targeting a specific person and are going to mess with their account on Scratch).
If they got HTTPS, this would be near impossible, while now, it is fairly easy.
Are we talking SSL, or TLS? I'd go TLS, I think it's a little more secure.
Eternity Tasks has launched into Alpha One!
Offline
#12 2012-06-12 22:28:15
Re: HTTPS on this website
XenoK wrote:
jvvg wrote:
However, there are some jerks that intercept communications to get passwords (usually they are targeting a specific person and are going to mess with their account on Scratch).
If they got HTTPS, this would be near impossible, while now, it is fairly easy.Are we talking SSL, or TLS? I'd go TLS, I think it's a little more secure.
I meant TLS, which is the newer version. I'm referring to it as SSL because more people know about that acronym.
Goodbye, Scratch 1.4
Hello Scratch 2.0! Offline
#14 2012-06-13 20:07:51
Re: HTTPS on this website
XenoK wrote:
TLS = Transport Layer Security... not that hard to remember for me... anyways I support
However, most people know of it as SSL. I'm not sure why, and didn't hear about TLS until last year.
Goodbye, Scratch 1.4
Hello Scratch 2.0! Offline