TUG MEMBERS: Joining TUG does not automatically register you as a user of the TUG Bulletin Board. You must register yourself.


*ads are disabled when logged in*
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. The TUGBBS forums are completely free and open to the public and exist as the absolute best place for owners to get help and advice about their timeshares for more than 24 years!

    Join tens of thousands of other owners just like you here to get any and all Timeshare questions answered!
    Dismiss Notice
  3. Sign up to get the TUG Newsletter for free! Join tens of thousands of other owners who get this every week! Latest resort reviews and the most important topics discussed by owners during the week!
    Dismiss Notice
  4. Follow the TUG Member Banner as it travels the world on vacation with Timeshare owners! Also sign up to get the banner sent to you so you can submit a photo of your vacation with the banner to share with TUG! Banner Thread
    Dismiss Notice
  5. Note that the "About the rest of TUG" and "About TUGBBS" forums have been moved further down the list under the lounge area. just in case anyone was wondering where they disappeared to!
    Dismiss Notice
  6. A few of the most common links here on the forums for newbies and guests!
    Dismiss Notice
  7. TUG started 24 years ago this month in 1993 as a group of owners on prodigy! Check out our happy birthday post here: Happy Birthday TUG!
    Dismiss Notice
  8. The TUG forums have been upgraded this evening to now utilize https as a more secure way to connect and browse the site (Especially for those logged in). please let us know if you experience any issues or errors while on the site so we can correct them! it is our hope that this is a completely seamless change/upgrade! Forum upgrade thread
    Dismiss Notice

"Connection is not Secure" - message some of you may see in some web browsers

Discussion in 'About the Rest of TUG' started by TUGBrian, Mar 27, 2017.

  1. TUGBrian

    TUGBrian Administrator

    Joined:
    Mar 24, 2006
    Messages:
    15,672
    Likes Received:
    709
    Trophy Points:
    113
    Location:
    Florida
    Just a quick FYI on this, some recent updates to both firefox and chrome will now pop up a small warning either in the address bar or near the top of the page that say something like "page not secure" or "connection not secure".

    Rest assured, nothing on the TUG side has changed and TUG pages are no less (or no more) secure than they have always been.

    This is merely a new implementation for some web browsers to further inform end users when a connection is secure or not.

    We have gotten a few emails from members questioning the new warnings when they browse the site (specifically the login pages for the forum and the member only section) and I simply wanted to post a note so that folks dont fear their computers/browsers...or the TUG website was somehow compromised.

    This is just the beginning of the move away from HTTP to a more secure web...and we will make plans to upgrade both the member only site and the forums to utilize a secure connection and thus eliminating the warnings and improving security altogether.

    Thanks for taking the time to read my ramblings! hope it answers any questions members might have if they are seeing the messages when visiting the forums or the member only page!
     
    dioxide45, klpca, AnnaS and 2 others like this.
  2. buildsmart

    buildsmart TUG Member

    Joined:
    Mar 30, 2015
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Rockville Maryland
    I had a pop up window say that I was infected by Malware from Microsoft. The computer froze and asked that I click a link to get the virus removed. Its a scam. I just ahrd restarted my computer and when it started up again I ran a virus scan and nothing was there.
     
  3. Makai Guy

    Makai Guy Administrator

    Joined:
    Jun 3, 2004
    Messages:
    3,642
    Likes Received:
    141
    Trophy Points:
    63
    Location:
    Aiken, SC, USA
    Resorts Owned:
    Spicebush (Hilton Head Island)
    Yes, this is a well-known scam. But it has nothing to do with the "insecure login" browser alerts Brian is talking about.

    Did this happen while you were visiting TUG?
     
  4. Larry M

    Larry M TUG Member

    Joined:
    Jan 23, 2012
    Messages:
    172
    Likes Received:
    14
    Trophy Points:
    18
    Location:
    Raleigh, NC
    Kind of a nuisance to have to get an SSL certificate for a couple of hundred bucks every two years even though you don't handle money or have personally identifiable information on the site. I've got that issue on a few websites I maintain.

    Fortunately, there are some new certificate authorities, like Let's Encrypt, that provide this as a free service.

    Good luck!
     
  5. TUGBrian

    TUGBrian Administrator

    Joined:
    Mar 24, 2006
    Messages:
    15,672
    Likes Received:
    709
    Trophy Points:
    113
    Location:
    Florida
    yea we are working with the host to try some other alternatives to paying for a full ssl certificate...its going to require an upgrade to our existing server though.

    hard to believe we are still running on the same server for the forum since 2008!
     
  6. rmfine

    rmfine TUG Member

    Joined:
    Dec 15, 2007
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
  7. Larry M

    Larry M TUG Member

    Joined:
    Jan 23, 2012
    Messages:
    172
    Likes Received:
    14
    Trophy Points:
    18
    Location:
    Raleigh, NC
    Yup, that's exactly what's happening. Google is bullying everyone into using SSL, whether security is needed or not. However, it is quite ironic that you can do a Google search for free SSL certificate providers and solve the problem neatly.
     
  8. Makai Guy

    Makai Guy Administrator

    Joined:
    Jun 3, 2004
    Messages:
    3,642
    Likes Received:
    141
    Trophy Points:
    63
    Location:
    Aiken, SC, USA
    Resorts Owned:
    Spicebush (Hilton Head Island)
    I don't know about Chrome, but if you want FireFox to stop warning you of these "insecure" connections, do this:
    • Enter about:config in the Address/URL bar.
    • Press the button to agree to be careful (if you haven't done this previously).
    • Enter insecure in the Filter bar to limit display to just options containing 'insecure'.
    • Double-click on each of the following two options to toggle them between true and false. Set them to false:
      security.insecure_field_warning.contextual.enabled
      security.insecure_password.ui.enabled
    If you also want to enable autologging in without having to click on your username, while in the about:config editor:
    • Enter autofill in the Search bar.
    • Double-click on signon.autofillForms.http and toggle it to true.
    NOTE: if any of the above options are not found, you can create them manually. Right-click (control-click on Apple) an empty space in the option list. Click New | Boolean. Enter the option name and appropriate true/false value.
     
    Last edited: Sep 14, 2017
  9. TUGBrian

    TUGBrian Administrator

    Joined:
    Mar 24, 2006
    Messages:
    15,672
    Likes Received:
    709
    Trophy Points:
    113
    Location:
    Florida
    we have completed the upgrade of the TUG2.COM members only site to utilize https...so now those of you visiting this site should no longer see this message within your browser.

    we are still working on upgrading the forum site, its just taking a bit longer since this is a much older server/hardware/software than the tug2.com side is!
     
    dioxide45 likes this.
  10. TUGBrian

    TUGBrian Administrator

    Joined:
    Mar 24, 2006
    Messages:
    15,672
    Likes Received:
    709
    Trophy Points:
    113
    Location:
    Florida
    also if you see any errors or have any problems navigating the tug2.com site, please email / pm me, or simply reply here so we can address it!
     
  11. izzymail

    izzymail Guest

    Joined:
    Sep 14, 2017
    Messages:
    18
    Likes Received:
    30
    Trophy Points:
    13
    Just FYI, a week or so ago I left a TUG forum up on my desktop and got this bogus virus screen as well until I killed the browser. Could be a coincidence but I have not had that happen before on that particular PC.
     
  12. TUGBrian

    TUGBrian Administrator

    Joined:
    Mar 24, 2006
    Messages:
    15,672
    Likes Received:
    709
    Trophy Points:
    113
    Location:
    Florida
    would really have no activity to or from the site if you just left the forum open in a browser.
     
  13. rfc0001

    rfc0001 TUG Member

    Joined:
    Jul 30, 2013
    Messages:
    1,154
    Likes Received:
    13
    Trophy Points:
    38
    Location:
    DVC info
    Resorts Owned:
    DVC: SSR, Aulani, PVB
    HGVC: Kings' Land Phase 1, Tuscany Village
    It's worth noting all pages on the forum are over http including the login page, which means if you are logging in from a public Wi-Fi your username and password are completely clear text for anyone sniffing the traffic (which is trivial to do). Bottom line: don't reuse your username and password used on TUG forum on other websites and you should enable Two-Step Authentication to prevent unauthorized access and protect personal information.
     
  14. TUGBrian

    TUGBrian Administrator

    Joined:
    Mar 24, 2006
    Messages:
    15,672
    Likes Received:
    709
    Trophy Points:
    113
    Location:
    Florida
    as mentioned in the other thread, we are in the process of converting the .net and bbs sites to use HTTPS.

    but as also mentioned, this is the same level of security that has existed since the forum began...its no more or less secure than it was yesterday. care should always be taken when browsing the web on public wifi networks...and id never suggest visiting any site that contains personal information for sure! but if you must, please be sure the login and password as mentioned above is one you dont use for anything else!

    browsing TUG from your home, or work, or any other secure/private network is not impacted by this as the chances of someone accessing the traffic between your home/work computer and the sites you are browsing is very very low.
     
  15. TUGBrian

    TUGBrian Administrator

    Joined:
    Mar 24, 2006
    Messages:
    15,672
    Likes Received:
    709
    Trophy Points:
    113
    Location:
    Florida

Share This Page