Daz 3D Site Security Concerns
by Dan Webb · in Torque 3D Professional · 03/23/2012 (1:20 am) · 11 replies
I recently installed Google Chrome to replace the seemingly failing Firefox, and I noticed this when I visited the Daz 3D site:
I'm a tad concerned with this, as I have purchased a lot of stuff over the last few months. Does anyone know what this means in effect?
I'm a tad concerned with this, as I have purchased a lot of stuff over the last few months. Does anyone know what this means in effect?
About the author
I do terrains. Lots of other stuff too, but mostly terrains. I die in games more often than not because I'm admiring the view.
#2
Using image tags:
03/23/2012 (3:26 am)
The error means that some of the content comes from a regular web connection, and some comes from SSL. Browsers don't trust sites 100% when there's mixed content. To sum it up in one sentence, saving you from reading several books worth on security: They're lazy.Using image tags:
#3
03/23/2012 (5:58 am)
Thankyou Ronny. 
#4
Note that Firefox's default install does give you the same, less informative, warning that defaults to having a checkbox checked to not bother you with that warning again upon dismissing the warning prompt. Hence why you haven't seen it prompt you about it recently just before the switch to Google Chrome.
03/23/2012 (9:58 am)
Ronny got it right, you're only getting that warning message is because the site doesn't have all their links as https:// (HTTP Secure with SSL/TLS) instead some of them are http:// (plain non-secure Hypertext Transfer Protocol). If this GarageGames website were to offer HTTPS for the forums then you would get that alert no matter what on majority of forum posts that include links as hardly anybody posts https:// links.Note that Firefox's default install does give you the same, less informative, warning that defaults to having a checkbox checked to not bother you with that warning again upon dismissing the warning prompt. Hence why you haven't seen it prompt you about it recently just before the switch to Google Chrome.
#5
03/23/2012 (6:12 pm)
Running mixed content can open a site up for man in the middle attacks, especially when both types rely on the same authentication tokens. It's covered in a talk by someone who knows what he's talking about: blog.ivanristic.com/2010/01/how-to-render-ssl-useless.html
#6
I'll read that and hopefully the new-found knowledge will arm me somewhat more effectively than I am now. Ignorance may be bliss, but it'll also tear you a new one.
03/24/2012 (3:54 am)
@Ronny - I was relieved when I read Nathan's post, then you went and scared me again! :PI'll read that and hopefully the new-found knowledge will arm me somewhat more effectively than I am now. Ignorance may be bliss, but it'll also tear you a new one.
#7
03/24/2012 (8:11 am)
Nobody's safe. Evil hackers are everywhere! 
#8
03/24/2012 (12:45 pm)
Yeah, just this morning I found an evil hacker under my bed. I felt bad, but I had to kill him. I mean, he was evil, and that makes it okay, right? 
#9
03/24/2012 (12:52 pm)
Evil hacker or script-kiddie? There is a difference ;)
#10
03/24/2012 (8:15 pm)
I was thinking of evil hardware hackers with listening devices hooked up to your cables :) 
Torque Owner Dan Webb
PsyCandy Games