Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
For those unaware SSL (Secure Sockets Layer) is a form of cryotgraphy use to transport data across a network - most commonly the internet. If you are communicating with a web site over SSL you'll notice HTTPS (as opposed to HTTP) in the browser. Your bank, facebook, twitter or any web site with any sort of decent revenue should be using SSL. Essentially what happens is when you access a site all the data that gets sent back and forth will be encrypted. When it gets to other end it will be decrypted and either displayed by your web browser, or processed by the web server depending on which direction the data is going.
When a website doesn't use SSL (such as bigfooty) all the data that gets sent across the network will be in plaintext. This data includes your username and password when you enter it. If someone was to run a program like wireshark which is able to watch traffic that passes through any network it's connected to. And yes this works, I've run wireshark on my home network and logged onto bigfooty and was able to see my username and password in amongst the data.
I really can't make it any less technical than that.
So yeah it's a pretty concerning issue for anyone who values their privacy... but most people don't so it will pass over 95% of people. SSL is one of the cornerstones of Internet Security and given how many people have relied on it for security it's a bit of a worry because it's really not known how exploited this bug was (maybe it was hardly exploited at all).
I always push for the open source community so it's disappointing that this has happened, but in some respects it shows the value of the Open Source community because they were able to pick it up - albeit extremely delayed.
Companies who use proprietary SSL software... It may be secure, it may not be. There is just no way for people to know so you're purely relying on them to be honest in their dealings.
For those unaware SSL (Secure Sockets Layer) is a form of cryotgraphy use to transport data across a network - most commonly the internet. If you are communicating with a web site over SSL you'll notice HTTPS (as opposed to HTTP) in the browser. Your bank, facebook, twitter or any web site with any sort of decent revenue should be using SSL. Essentially what happens is when you access a site all the data that gets sent back and forth will be encrypted. When it gets to other end it will be decrypted and either displayed by your web browser, or processed by the web server depending on which direction the data is going.
When a website doesn't use SSL (such as bigfooty) all the data that gets sent across the network will be in plaintext. This data includes your username and password when you enter it. If someone was to run a program like wireshark which is able to watch traffic that passes through any network it's connected to. And yes this works, I've run wireshark on my home network and logged onto bigfooty and was able to see my username and password in amongst the data.
I really can't make it any less technical than that.
So yeah it's a pretty concerning issue for anyone who values their privacy... but most people don't so it will pass over 95% of people. SSL is one of the cornerstones of Internet Security and given how many people have relied on it for security it's a bit of a worry because it's really not known how exploited this bug was (maybe it was hardly exploited at all).
I always push for the open source community so it's disappointing that this has happened, but in some respects it shows the value of the Open Source community because they were able to pick it up - albeit extremely delayed.
Companies who use proprietary SSL software... It may be secure, it may not be. There is just no way for people to know so you're purely relying on them to be honest in their dealings.
The only thing I was really worried about was my Steam account, and I changed my password as soon as they fixed the issue.
your secret identity is safe with meDo you think our true identities will be revealed on BF?
What is a Steam account?