Inkbunny

IB Gear Latest Popular Members Search
 
Welcome to Inkbunny...
Allowed ratings
To view member-only content, create an account. ( Hide )
Inkbunny

Inkbunny SSL certificate updated to SHA-2

by
In brief: Inkbunny is now more secure, but some very old browsers and devices may no longer trust it.

Why change? Google and Microsoft are driving a migration to SHA-2, a new algorithm for signing the certificates that authenticate websites. Google's Chrome browser will soon warn if a site uses a SHA-1-signed certificate expiring after 2015, such as the one we bought this year.

This resulted in a downgrade of all SHA-1-signed certificates. Ours has been reissued with a SHA-2 signature (at no cost to the site), and so we're back to A+.

What's the catch? For almost all members, nothing. SHA-2 is slightly more complex, but our speed is limited by network bandwidth; hardware and software optimizations make the differences negligible.

However, Internet Explorer requires Windows XP SP3 or above for SHA-2 support; if you're on SP2, you'll have to change browser or upgrade your OS. SP2 is over a decade old, so you probably did this already.

Old mobile devices, such as those on Windows Phone 5/6, Blackberry 4.x, Android 2.2 and below, or iOS 2.x, may also be impacted. Alternate browsers may work for these platforms.

What's this meant to solve? Here's a simplified explanation. The idea is that given enough processing capacity, you can forge a digital certificate that lets you impersonate any website. It might take more than 200 PS3s today, but it can be done.

SHA-2 replaces the now-dubiously-secure SHA-1, which in turn replaced the entirely-broken MD5. There's a SHA-3 - but like SHA-2, it'll be years before support is widespread enough for it to be used.

How'd we find all this out? Working on the Inkbunny wiki. Ironically, it's still using a SHA-1 certificate, but we'll replace it when it expires next year.
Viewed: 393 times
Added: 10 years, 9 months ago
Site News Item: yes
Commenting Locked
 
35 Comments on this Journal
Leave a Comment...
johnbrittish
johnbrittish
10 years, 9 months ago
link
Thanks for all your work on the site!
MightBeFurry
MightBeFurry
10 years, 9 months ago
link
Thank you for staying on top of this!
AphroditeDraco
AphroditeDraco
10 years, 9 months ago
link
Thanks for letting us know.  :)
Lamia
Lamia
10 years, 9 months ago
link
good on ya'll, still the best gallery site there is
CeilYurei
CeilYurei
10 years, 9 months ago
link
When will we get some of the features that FA has that are any good? Um...mostly i guess this would mean direct sales. LOL. Oh and it would be nice if Inkbunny could get a shout box like on Lolicit. Live chat!
Dieff
Dieff
10 years, 9 months ago
link
FA has direct sales? This is the first I'm hearing
CeilYurei
CeilYurei
10 years, 8 months ago
link
SUPPOSEDLY has direct sales. I dunno. I never use it except for AriCub and her cute work. She doesnt do porn so never posts here.
axlegear
axlegear
10 years, 8 months ago
link
Trust me, they have no such thing.
CeilYurei
CeilYurei
10 years, 8 months ago
link
Interesting.
fibs
fibs
10 years, 8 months ago
link
Edited 10 years, 8 months ago by Owner
FurAffinity is the Internet Explorer of the furry web: frequently used due to momentum and laziness, but completely untrustworthy. They don't even support basic standard features like tag blacklisting, let alone anything unique or new.
CeilYurei
CeilYurei
10 years, 8 months ago
link
Not to mntion Dragoneer is so full of himself he has COMMISSIONED rt of him looking like an FA god. Voring banned people, calling them trolls, that kind of shit.
fibs
fibs
10 years, 8 months ago
link
Good thing that sumbitch doesn't know what I look like!

Also if he ever did that I could probably just sue him, he's U.S. right?
GreenReaper
GreenReaper
10 years, 8 months ago
link
Yes, but it's probably not actually against the law to call someone a troll. It would be to eat them, but then you'd be talking a criminal case.
fibs
fibs
10 years, 8 months ago
link
Utilizing my image or that of my self-representative character without permission is copyright infringement and, as Dragoneer would be using it to humiliate me, defamation of character.

The only protection he has is that I probably would not want to bring much attention to the situation. If he does it to someone who doesn't at all mind, then he can easily be screwed for it.
GreenReaper
GreenReaper
10 years, 8 months ago
link
Edited 10 years, 8 months ago by Owner
Mmm. Fair use for the purpose of parody? And defamation in the U.S. relies on false assertions of fact, whereas "is a troll" is an opinion.

I didn't ask to be featured in this comic, and although I really liked it, if I hadn't, I wouldn't have had much recourse in law (unlike on IB) - even though it is clearly intended to be me.

Until it happens to you, it's probably not worth bothering about, anyway.
CeilYurei
CeilYurei
10 years, 8 months ago
link
Actually in the vore one they were also referred to as scum.
GreenReaper
GreenReaper
10 years, 8 months ago
link
Also an opinion!
CeilYurei
CeilYurei
10 years, 8 months ago
link
Still proves Dragoneer is a dick. And it's lible still I think.
fibs
fibs
10 years, 8 months ago
link
Fair use is a claimed defense that must be upheld in court, not an automatic safe spot. In practice, "fair use" is only useful for convincing the IP owner not to sue in the first place. "Owner doesn't feel like suing" is pretty much the only reason fanfiction and fanart can safely exist in U.S. law (they generally do too little damage to be worth the costs of prosecuting and often are beneficial via free advertising.)

Your ability to sue the individual who used your image on that comic depends largely on the funds you have for a lawyer. A good / expensive lawyer would have no trouble winning you that case just by nature of your character obviously being used and the derivative work not being educational or a direct critique of you. The thing is that a) you obviously don't mind b) you're suffering very little damage if any from that comic and c) doing that would scare people away from you / Inkbunny and be more trouble than it's worth.

The possibility of defamation was more of a pipe dream or afterthought, really. Dragoneer would be much easier to nail for IP infringement than for defamation due to the inconsistency of defamation laws across the states - not all of them require false words to constitute defamation, slander and libel being specific subcategories of that - and the relative ease of suing for IP infringement in the U.S. Anne McCaffrey and Disney are notable examples of dangerous copyright holders, whereas Hasbro is extremely lax and actively avoids prosecution except for very special circumstances.

I'm starting to notice I have a habit of going off-topic when stuff is mentioned.
nelson88
nelson88
10 years, 9 months ago
link
Niceeee!^^
rautamiekka
rautamiekka
10 years, 9 months ago
link
XP is dead anyway, even Server 2003 is, so worrying about XP is worrying about wrong shit.
Kronj
Kronj
10 years, 9 months ago
link
But, something close to a third of windows systems are xp, that's hundreds of millions of computers running it.
rautamiekka
rautamiekka
10 years, 9 months ago
lockedlink
That's their problem, and the problem is called no support and it's heavily targeted. It's either upgrade, die or switch away to, such as, Linux.
LeonHunter
LeonHunter
10 years, 8 months ago
lockedlink
Yes, because Linux is that much more secure. Right.
rautamiekka
rautamiekka
10 years, 8 months ago
lockedlink
Yes, among other reasons.
fibs
fibs
10 years, 8 months ago
lockedlink
If you don't think Linux systems are more secure than Windows you know little about either.

There are several reasons Linux fedora-tippers claim Linux-types are "immune to viruses" and here is one: even if the user is a complete idiot, malicious software on a Linux system will be unable to access any system files because Linux doesn't passively give any user accounts administrative permissions.

Windows however does, meaning that any malicious software that runs while an "administrator user" is logged on has free roam over the entire system.

You can make Windows a ton much more secure simply by making a separate administrator account and never signing into it unless you need to perform a specific administrative function. This will still not make Windows as secure as Linux because Windows is coded like a circus and has no shortage of exploits and errors. Internet Explorer alone has dozens of huge bugs and security holes in any given month, as evidence by Microsoft patching that many every few months.
LeonHunter
LeonHunter
10 years, 8 months ago
lockedlink
Edited 10 years, 8 months ago by Owner
" FibrielSolaer wrote:
If you don't think Linux systems are more secure than Windows you know little about either.


This from a person who ignores the existence of User Account Control. I suggest you use Google my friend, less you want to come across as not only ignorant but also benighted.
fibs
fibs
10 years, 8 months ago
lockedlink
Did you seriously just use the incredibly broken and exploitable UAC as an attempt to ignore everything I just said to you? Of course you did. Typical Windows user.

I just said that the problem with Windows is that your user account itself gains administrative powers instead of a separate account, and here you are proving my point by showing me another Windows feature that... gives administrative powers to the user account.

Pro-tip: Malware can and always has very easily exploited "privilege elevation" vulnerabilities that have existed in Windows since Vista and have never existed in Linux. One way to do this? The malware can just try to run and thus pop up a confirmation prompt. 9/10 times a user will click "OK" just to make it go away. Real secure, Windows.

These exploits would not exist in Windows if the administrative account was completely separate from any user account. You know, like it is in Linux.

But please, continue ignoring what I'm saying to you and trusting Microsoft's word that their horrible design and shoddy coding is secure in the face of ample evidence to the contrary.
LeonHunter
LeonHunter
10 years, 8 months ago
lockedlink
Actually. I speak as someone who realises that one cannot group and quantify security exploits as a means of demonstrating that a particular system, product or service is more secure than an alternative. That is all. Security is and must always be a holistic approach. You cannot isolate it down to any one component and it is the height of intellectual dishonestly when you do.

I would also remind you that the user account does not “have administrative privileges” until such a point in time that the UAC module grants it to a specific process. That is the whole point of UAC.

Furthermore you have proved my point, “The malware can just try to run and thus pop up a confirmation prompt. 9/10 times a user will click "OK" just to make it go away.” – It is the user, not the operating system, that is at fault in this scenario. If an application instructed an unknowledgeable user: “This application must be run with administrative privileges” – They would likely do the same thing on Linux as occurs on Windows.
Inkbunny
Inkbunny
10 years, 8 months ago
lockedlink
This thread is no longer relevant to the topic of this post, and so has been locked.
GreenReaper
GreenReaper
10 years, 9 months ago
link
Edited 10 years, 9 months ago by Owner
They have a few options for this issue:
* Use any other browser than Internet Explorer.
* Upgrade to XP SP3 or a later version of Windows. If they have a legal copy, this is free.
* Change to another operating system.
rautamiekka
rautamiekka
10 years, 8 months ago
link
Upgrading to SP3 is not an option. XP ain't an option at all. Whatever you do, dump XP. It's that now or never, and never will bring so much trouble.
KNIFE
KNIFE
10 years, 9 months ago
link
You guys kick SO much internet ass! :D Thanks! :D
Yiffox
Yiffox
10 years, 8 months ago
link
hum, suggestion for next upgrade....which may be supersimple to do?  ability to embed utube vidoes in journals via BBCcode....we can do it on SF and FA, but not here

would be funner than directing people off your site  XD
GreenReaper
GreenReaper
10 years, 8 months ago
link
Edited 10 years, 8 months ago by Owner
It might be relatively simple, but we are concerned about the privacy implications. Perhaps the EFF's MyTube script would provide a solution.
New Comment:
Move reply box to top
Log in or create an account to comment.
 

Help

Information

Policy & Legal

Twitter Facebook LinkedIn

All artwork and other content is copyright its respective owners.

Powered by Harmony 'Gravitation' Release 80.

Content Server: Los Angeles Cache - provided by Inkbunny Donors. Background: Blank Gray.

The Inkbunny web application, artwork, name and logo are copyright and trademark of their respective owners.