If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
No More Mixed Messages About HTTPS
Google Chrome will gradually start ensuring that https:// pages can only
load secure https:// subresources. In a series of steps outlined the article linked below, They will start blocking mixed content (insecure http:// subresources on https:// pages) by default. This change will improve user privacy and security on the web, and present a clearer browser security user experience to users. https://blog.chromium.org/search/label/chrome%20security -- With over 1,000,000 million devices now running Windows 10, customer satisfaction is higher than any previous version of windows. |
Ads |
#2
|
|||
|
|||
No More Mixed Messages About HTTPS
On Sat, 5 Oct 2019 21:41:59 +0100, ? Good Guy ?
wrote: Google Chrome will gradually start ensuring that https:// pages can only load secure https:// subresources. In a series of steps outlined the article linked below, They will start blocking mixed content (insecure http:// subresources on https:// pages) by default. This change will improve user privacy and security on the web, and present a clearer browser security user experience to users. https://blog.chromium.org/search/label/chrome%20security That's interesting. There may then arise the need for there to be two versions of some innocuous resources: one secure and the other not. -- Eric Stevens There are two classes of people. Those who divide people into two classes and those who don't. I belong to the second class. |
#3
|
|||
|
|||
No More Mixed Messages About HTTPS
"Eric Stevens" wrote
| https://blog.chromium.org/search/label/chrome%20security | | That's interesting. There may then arise the need for there to be two | versions of some innocuous resources: one secure and the other not. | Current browsers can handle it. The problem is with websites that don't provide https or provide only an unsafe version of encryption. But there is one issue with no solution: I read recently that FTP can't be encrypted. So people might be blocked from accessing via FTP if they use Chrome. |
#4
|
|||
|
|||
No More Mixed Messages About HTTPS
On 10/6/2019 8:56 AM, Mayayana wrote:
But there is one issue with no solution: I read recently that FTP can't be encrypted. FTP can be encrypted, but not all FTP programs support it. The current version of FileZilla supports encrypted FTP and one has to opt out of using it, so then it's a matter of whether the website server also supports it. -- best regards, Neil |
#5
|
|||
|
|||
No More Mixed Messages About HTTPS
On Sun, 6 Oct 2019 08:56:11 -0400, Mayayana wrote:
But there is one issue with no solution: I read recently that FTP can't be encrypted. Can you tell us where you read this? I have used FTPS, which is FTP encrypted. https://en.wikipedia.org/wiki/FTPS -- Kind regards Ralph |
#6
|
|||
|
|||
No More Mixed Messages About HTTPS
On Mon, 07 Oct 2019 06:51:02 +1300, Ralph Fox wrote:
On Sun, 6 Oct 2019 08:56:11 -0400, Mayayana wrote: But there is one issue with no solution: I read recently that FTP can't be encrypted. Can you tell us where you read this? You have to differentiate FTP from FTPS and SFTP. With plain FTP, the session isn't encrypted, meaning the username and password can be sniffed. The payload can be encrypted, of course, but that would have to be done before the transfer. With FTPS and SFTP, the entire session is encrypted. Mostly. I have used FTPS, which is FTP encrypted. https://en.wikipedia.org/wiki/FTPS |
#7
|
|||
|
|||
No More Mixed Messages About HTTPS
"Ralph Fox" wrote
| But there is one issue | with no solution: I read recently that FTP can't be | encrypted. | | Can you tell us where you read this? | | I have used FTPS, which is FTP encrypted. | https://en.wikipedia.org/wiki/FTPS | I don't remember where I saw it but I think it was in connection with the push for https in browsers. In other words, that browsers don't support encrypted FTP, which would mean no longer being able to download directly from FTP links and browse FTP storage. Most people don't actually use FTP software. You probably know more about it than I do. I may be wrong. But this site seems to bear out what I read: https://www.cerberusftp.com/support/help/ftp-support/ |
#8
|
|||
|
|||
No More Mixed Messages About HTTPS
In article , Mayayana
wrote: | But there is one issue | with no solution: I read recently that FTP can't be | encrypted. | | Can you tell us where you read this? | | I have used FTPS, which is FTP encrypted. | https://en.wikipedia.org/wiki/FTPS | I don't remember where I saw it but I think it was in connection with the push for https in browsers. In other words, that browsers don't support encrypted FTP, which would mean no longer being able to download directly from FTP links and browse FTP storage. Most people don't actually use FTP software. most people don't use ftp. those who do, use ftp software, which supports sftp and ftps. |
#9
|
|||
|
|||
No More Mixed Messages About HTTPS
Mayayana wrote:
"Ralph Fox" wrote | But there is one issue | with no solution: I read recently that FTP can't be | encrypted. | | Can you tell us where you read this? | | I have used FTPS, which is FTP encrypted. | https://en.wikipedia.org/wiki/FTPS | I don't remember where I saw it but I think it was in connection with the push for https in browsers. In other words, that browsers don't support encrypted FTP, which would mean no longer being able to download directly from FTP links and browse FTP storage. Most people don't actually use FTP software. Sftp/ftps have been secure alternatives to ftp for decades. File download sites need to update their servers if they wish to continue to have their users use web browsers as clients. |
#10
|
|||
|
|||
No More Mixed Messages About HTTPS
On 05/10/2019 21:41, 😉 Good Guy 😉 wrote:
Google Chrome will gradually start ensuring that https:// pages can only load secure https:// subresources. In a series of steps outlined the article linked below, They will start blocking mixed content (insecure http:// subresources on https:// pages) by default. This change will improve user privacy and security on the web, and present a clearer browser security user experience to users. https://blog.chromium.org/search/label/chrome%20security -- With over 1,000,000 million devices now running Windows 10, customer satisfaction is higher than any previous version of windows. By the way you posted this here so can you tell us what has this got to do with Windows 10? |
Thread Tools | |
Display Modes | Rate This Thread |
|
|