Avid Pro Audio Community

Avid Pro Audio Community

How to Join & Post  •  Community Terms of Use  •  Help Us Help You

Knowledge Base Search  •  Community Search  •  Learn & Support


Avid Home Page

Go Back   Avid Pro Audio Community > General Discussion & Off Topic > General Discussion

Reply
 
Thread Tools Search this Thread Display Modes
  #11  
Old 03-27-2019, 08:07 PM
andrej770 andrej770 is offline
Member
 
Join Date: Dec 2000
Posts: 432
Default Re: Avid DUC not secure?

https certificates cost. This is a free forum where the terms are clearly, share at your own risk, it still falls back on individuals to understand the risk, assess it and take the necessary precautions. There is no bonafide reason to use https on this site other than to placate the paranoid. I would not waste the money frankly. There are no scripts running on this site or any vBulletin software that grabs passwords. A cookie is saved and thats it. FUD only works to on those unwilling to educate themselves on the real risks. Google scrapes this site nightly so every word you type is searchable on google.

While the whole conversation is a great discussion to have in context of information classified at a certain level other than public (which all forum data is), the risk here is so low its not worth the money investing in securing it with https. Kinda like putting a deadbolt on your dog's doghouse door. What are you protecting that any one really wants other than fleas.

Just MHO!
__________________
Mac 8 Core 6,1 - OSX 10.13.6 - 32GB RAM - Pro Tools 2018.10 - 8x8x8+8 ch DA Card (x2) - HD OMNI - ICON D-Control 32 - Sync I/O - Sonnet xMac Pro Server w/HDX x 1, Blackmagic Intensity Pro 4K
Protools 2018.10 HD Native in 1 project suite
Eristopher Music
Reply With Quote
  #12  
Old 04-03-2019, 09:01 AM
jeffro's Avatar
jeffro jeffro is offline
Avid
 
Join Date: Jun 1999
Location: SF Bay Area
Posts: 8,268
Default Re: Avid DUC not secure?

Understand your concerns, looking into this with our host... stay tuned.
__________________
Reply With Quote
  #13  
Old 04-03-2019, 10:21 AM
K Roche's Avatar
K Roche K Roche is offline
Member
 
Join Date: Jan 2006
Location: Wilds of Wyoming
Posts: 958
Default Re: Avid DUC not secure?

Quote:
Originally Posted by Frank Kruse View Post
Anyone with a DropBox, Adobe, Yahoo, Myspace, LinkedIn account and many more has likely had his credentials compromised via past data breaches.

You can check here if your address comes up in one of these databases.

https://haveibeenpwned.com

It's not only about keeping credit card info safe but also about identity theft which can gain access to the latter indirectly. If you are still using the same logins since those breaches happened you'd better change them asap.
Wait how do we know that link is not some dark web email address gathering bottomless hole ??
__________________
System :
Avid HD Omni I/O Interface ...Mid 2010 Mac Pro/ processor- 3.33 6-core Intel Xeon "Westmere" w/ Memory- 24 GB........PTHDN 2018.12 on OS 10.13.6 High Sierra on primary boot drive (SSD PCIe 512 GB Samsung SM951) FCPX files storage on Apple 1TB HDD and PT sessions storage on Apple 2TB HDD--


"Peace cannot be kept by force. It can only be achieved by understanding" Albert Einstein

Enjoy the Journey
.... Kev...
Reply With Quote
  #14  
Old 04-03-2019, 05:51 PM
musicman691 musicman691 is offline
Member
 
Join Date: Dec 2009
Location: The Soprano State (NJ)
Posts: 16,158
Default Re: Avid DUC not secure?

Quote:
Originally Posted by K Roche View Post
Wait how do we know that link is not some dark web email address gathering bottomless hole ??
Let's put it this way - it returned false positives for places I've never been
__________________
Jack
See profile for system details
iMac dead & retired as of 11/4/17

QAPLA!
Reply With Quote
  #15  
Old 04-03-2019, 06:14 PM
Darryl Ramm Darryl Ramm is online now
Member
 
Join Date: Nov 2010
Location: USA
Posts: 13,055
Default Re: Avid DUC not secure?

Have I Been Pwoned is a *very* well respected security web site. And since that URL uses https, you can be confident that it's really that web site you are seeing. If your email address is listed there on "sites" you don't think you have been to it's a sign that somebody else may have been using your email address, or some bad sites have some of your data (some "sites" where your email address will be reported consist of data stolen elsewhere). It does not necessarily mean your email account has been compromised, but change your password anyhow.
Reply With Quote
  #16  
Old 04-04-2019, 03:29 AM
JFreak's Avatar
JFreak JFreak is offline
Moderator
 
Join Date: Jan 2003
Location: Tampere, Finland
Posts: 16,248
Default Re: Avid DUC not secure?

Quote:
Originally Posted by andrej770 View Post
https certificates cost.
That would be the worst excuse of not using https in a forum with a user base this large -- and a user base that may or may not have another account somewhere else in avid.com so let's just take Jeffro's word for it and assume Avid is once again taking a look into this...
__________________
Janne
What we do in life, echoes in eternity.
Reply With Quote
  #17  
Old 04-09-2019, 06:03 AM
andrej770 andrej770 is offline
Member
 
Join Date: Dec 2000
Posts: 432
Default Re: Avid DUC not secure?

Quote:
Originally Posted by JFreak View Post
That would be the worst excuse of not using https in a forum with a user base this large -- and a user base that may or may not have another account somewhere else in avid.com so let's just take Jeffro's word for it and assume Avid is once again taking a look into this...


Those “Secure” symbols don’t guarantee a website is safe from all threats. A phishing site, for example, can legitimately display that comforting green lock next to its https address.

Phishers make active use of this: According to Phishlabs, a quarter of all phishing attacks today are carried out on HTTPS sites (two years ago it was less than 1 percent). Moreover, more than 80 percent of users believe that the mere presence of a little green lock and the word “Secure” next to the URL means the site is safe, and they don’t think too hard before entering their data.

Don’t be lulled into thinking https is the answer, it’s just a step but also a step phishers have already moved beyond.

https://www.kaspersky.com/blog/https...afe/20725/amp/


Sent from my iPhone using Tapatalk
__________________
Mac 8 Core 6,1 - OSX 10.13.6 - 32GB RAM - Pro Tools 2018.10 - 8x8x8+8 ch DA Card (x2) - HD OMNI - ICON D-Control 32 - Sync I/O - Sonnet xMac Pro Server w/HDX x 1, Blackmagic Intensity Pro 4K
Protools 2018.10 HD Native in 1 project suite
Eristopher Music
Reply With Quote
  #18  
Old 04-09-2019, 07:11 AM
bobcharest bobcharest is offline
Member
 
Join Date: Mar 2019
Location: Westbrook, ME USA
Posts: 6
Default Re: Avid DUC not secure?

Point taken with regard to phishing sites.

i think the point of this thread is that It’s wise to not enter a password on an unsecure site that is the same as the password one uses on banking or credit card sites.

A best practice is to not make it easier for those looking to obtain passwords that they can use to crack IDs.

Encrypting data to/from this forum would be a good thing.

Best regards,
Bob Charest


Sent from my iPhone using Tapatalk
__________________
Best Regards,
Bob Charest

__________________________________________
Macbook Pro, Mac Mini, High Sierra 10.13.6, Protools 2018.12.0
Reply With Quote
  #19  
Old 04-09-2019, 11:41 AM
JFreak's Avatar
JFreak JFreak is offline
Moderator
 
Join Date: Jan 2003
Location: Tampere, Finland
Posts: 16,248
Default Re: Avid DUC not secure?

Quote:
Originally Posted by andrej770 View Post
Don’t be lulled into thinking https is the answer, it’s just a step
Of course, but would be nice to get that one sorted out
__________________
Janne
What we do in life, echoes in eternity.
Reply With Quote
  #20  
Old 04-09-2019, 11:44 AM
andrej770 andrej770 is offline
Member
 
Join Date: Dec 2000
Posts: 432
Default Re: Avid DUC not secure?

Still no one has posted the justification other than a nice to have. Its a forum that google scrapes nightly to so all comments are public. Someone explain what you are asking to be protected here? Yes there will be idiots that use the same password on DUC as they use on their bank and they deserve the issues their ignorance allows, to be frank. But encrypting a public forum with public information for public consumption - I don't get the point? Its like posting the national guard around a public park that has a public library on the grounds. What are they protecting?
__________________
Mac 8 Core 6,1 - OSX 10.13.6 - 32GB RAM - Pro Tools 2018.10 - 8x8x8+8 ch DA Card (x2) - HD OMNI - ICON D-Control 32 - Sync I/O - Sonnet xMac Pro Server w/HDX x 1, Blackmagic Intensity Pro 4K
Protools 2018.10 HD Native in 1 project suite
Eristopher Music
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
The best way to secure your ILOK crizdee Pro Tools TDM Systems (Mac) 13 02-14-2007 09:12 AM
"Secure Delivery Plug-in" what is that? K.B. 003, Mbox 2, Digi 002, original Mbox, Digi 001 (Win) 32 04-14-2004 07:54 AM
Warning: iLok site IS NOT secure! dkrz 003, Mbox 2, Digi 002, original Mbox, Digi 001 (Mac) 5 11-25-2003 11:16 AM
Digi Store not secure? jimlongo General Discussion 6 02-08-2001 11:25 AM


All times are GMT -7. The time now is 06:42 PM.


Powered by: vBulletin, Copyright ©2000 - 2008, Jelsoft Enterprises Limited. Forum Hosted By: URLJet.com