USMB data breach??? Is this spam?

Cellblock2429

Diamond Member
Gold Supporting Member
Jul 22, 2016
33,764
14,293
1,600
New York
upload_2019-12-19_11-30-1.png
 
It's an unsecured site. It's disturbing I can't delete my account, my security suite warns me each time I log in.
 
It's just a flash based ad designed to mimic chrome's password checkup. It probably takes you to a site peddling some junk software.

Here's what the real one looks like...there's only subtle differences, it's clever ad design.

191211112617-20191210-keyword-blog-breach-detection-exlarge-169.jpg
 
Last edited:
I'm using Firefox and Firefox says everything posted here is completely insecure ... the lil' lock icon has a red slash through it ...

That's because the security certificate is self signed. Self signed certificates simply don't provide all of the security that certicifates signed by a certificate authorty do.
 
Last edited:
Doesn't that mean there is no security certificate? ... I thought I was sending my packets in plain text ... anyone along the way can read them ...

No, it's just self signed.

if you put a s behind http, you can secure it. Theoretically.

Like this....

https://www.usmessageboard.com/

Try it.

Actually, that'll give you partial encryption. Which is more than not typing the S after the http
 
Last edited:
Doesn't that mean there is no security certificate? ... I thought I was sending my packets in plain text ... anyone along the way can read them ...

If somebody wants to read what you're transmitting, they're gonna do it regardless. Even with a vpn. There's simply no such thing as privacy online today.

You'd be amazed at what you can see just by reading the forum on a Linux machine and having the right software installed.
 
Last edited:
Relevant reading - Pen register - Wikipedia

Trap and trace stuff pertaining to both telephones and Internet data. Thanks to a derelict congress, a complicit electorate and 9 clowns in gowns it's completely outside of constitutional protection now. Used to be it was constitutionally protected. But now they say it's not a search because the "petitioner voluntarily conveyed numerical information to the telephone company.''

Actually, I suppose that's technically off topic here. I still had that other thread on my mind, though. The one where folks are complaining about the fbi knocking on doors? Even though they're cheering for the nut who just signed a bill saying government can put em in a cage whenever they want without charge nor trial. lol. Only in America. Sigh...
 
Last edited:
" USMB Is Not Using Secure Connectivity "

* Shorts Down *

usmb website protocol is http and not https , which means that any time someone uses their password to login it arrives in clear text , and anyone capturing traffic on its ip can read it .

[ you@computer ~]$ nslookup www.usmessageboard.com
Name: usmessageboard.com
Address: 69.195.131.173
 
" Risk Level High "

* Mitigation Easy *

That's because the security certificate is self signed. Self signed certificates simply don't provide all of the security that certicifates signed by a certificate authorty do.
At this level of relevance , a self signed certificate would be fine as there is not a need to pay a certificate authority , but there is not a certificate bound to http protocol .
 

New Topics

Forum List

Back
Top