Trains.com

Subscriber & Member Login

Login, or register today to interact in our online community, comment on articles, receive our newsletter, manage your account online and more!

Is this site secure

4155 views
26 replies
1 rating 2 rating 3 rating 4 rating 5 rating
  • Member since
    December 2007
  • From: Gateway City
  • 1,593 posts
Is this site secure
Posted by yankee flyer on Thursday, April 12, 2018 8:01 AM

Hey Guys

When I start to log in on firefox I get a warning that this site is insecure.I'm using Kaspersky for antivirus.

Any thoughts on this?

Lee

  • Member since
    July 2006
  • From: Phoenix, AZ
  • 1,835 posts
Posted by bearman on Thursday, April 12, 2018 8:06 AM

I use Chrome and never had any issues.

Bear "It's all about having fun."

  • Member since
    September 2013
  • 2,505 posts
Posted by caldreamer on Thursday, April 12, 2018 8:12 AM

NO,  the trains sites are NOT secure.  If you see "https" it is secure.  the "S" at the end means that it is using an encryption algorythem to send and receive data.  Firefox has security built into it the will notify you that the site that you are attempting to use is not secure.  ONLY use sites that you are sure that you want to access.  It is too easy for you to get hacked, especially if you are  using a Microsoft operating system.

  • Member since
    September 2003
  • 10,582 posts
Posted by mlehman on Thursday, April 12, 2018 8:48 AM

Not to worry. It's simply improved security notifications by Firefox. It doesn't mean there is a probem with the site as insecure, it's simply to raise awareness that it's not encyrpted.  Look at the URL and it starts with http. If it was a encrypted site, it would start with https. It's a good reminder, not a fault with the site.  Nothing has changed, nothing has been hacked. You're good.

Mike Lehman

Urbana, IL

  • Member since
    March 2002
  • From: Milwaukee WI (Fox Point)
  • 11,439 posts
Posted by dknelson on Thursday, April 12, 2018 10:45 AM

There are some very insecure people on this site.  I name no names.   Devil

Dave Nelson

  • Member since
    July 2006
  • 73 posts
Posted by santafe5000 on Thursday, April 12, 2018 11:00 AM

In the header box you should see:

cstrains/.........

Before the cstrains is a little circle with an exclamation. Click on that and it will give you a box that says your connection is not secure with some topics. Lower is a link to see what cookies are being set on every page you visit. Mine says Facebook is setting 3 different cookies, yet i am not on Facebook.  Others are the standard cookies that get set on just about every page to decide what pay ads you are shown.

James in TexasCowboy

  • Member since
    May 2010
  • From: SE. WI.
  • 8,253 posts
Posted by mbinsewi on Thursday, April 12, 2018 11:17 AM

Well that's interesting.  For me it says: Fire Fox is blocking parts of the page that may track your browsing.

Next line: You have not granted this site any special permissions.

That's it, nothing about any other cookies.

Mike.

  • Member since
    September 2003
  • 21,669 posts
Posted by Overmod on Thursday, April 12, 2018 11:26 AM

On a Mac running Firefox 50.0.2 over 10.9.5, it's "both".

When you set the preferences in Firefox to block certain kinds of tracking, it will automatically suppress those (and to my knowledge it will not save information about the specific things it is blocking; it just doesn't render them).

Meanwhile, in the information box that references the cs.trains.com URL, you will see an option to look at the actual cookies, and likely you will find some that have sneaked through the Kalmbach interface and made themselves resident (I had one from the New York Post and two from USA Today).  You can select these manually and delete them just as you should delete superfluous cookies from Firefox itself (via preferences) periodically.

My experience is that there have been FAR more 'issues', including fairly dramatic periodic problems with throughput and even browser halting, on Windows 7 and 10 using both Firefox and Internet Exploiter (I don't believe in Edge).  That's why I have substantially stopped bothering with those platforms except when accessing the forums from a hotel on the road.

As an aside, the "insecure" notification is really an artifact; the straight "http://" protocol was essentially deprecated in favor of "https://" late last year and you now see spam-in-a-can boilerplate alerts any time you try the nonsecure protocol now.  It does not mean there is any actual problem with security, just that the protocol leaves well-documented holes in the browser's ability to provide it.

  • Member since
    December 2007
  • From: Gateway City
  • 1,593 posts
Posted by yankee flyer on Thursday, April 12, 2018 12:07 PM

WOW

I'm pushing 80 years and I'm not sure I will be able to keep up with this computer stuff much longer.

I was in the hospital for a month and when I got out I received a letter saying that they had been hacked and all patient records were stolen. That has caused me to be spooked  anytime I log on some where, and this is from a guy that was trained as an electronic technition in the Air Force, Of cource that was in the age of vaccum tubes. Whistling

Thanks for the help.

Lee

 

  • Member since
    January 2015
  • From: Southern California
  • 1,682 posts
Posted by Lone Wolf and Santa Fe on Thursday, April 12, 2018 1:11 PM

    Basically someone might be able to see your password when you log in because it is not encrypted.
    Best advise: Don’t use the same password here that you use on any other site. If they steal your password from here then they can try to use it on other sites that might be more valuable like your banking sites.
    For sites which deal with your money always use a unique password for each site. I have a program installed on my computer called Password Keeper that has all my passwords in one place but you have to use a password to access them. Then you can just copy and paste instead of having to remember them.

Modeling a fictional version of California set in the 1990s Lone Wolf and Santa Fe Railroad
  • Member since
    February 2008
  • 8,879 posts
Posted by maxman on Thursday, April 12, 2018 2:50 PM

Overmod
in the information box that references the cs.trains.com URL

Which information box?

  • Member since
    May 2010
  • From: SE. WI.
  • 8,253 posts
Posted by mbinsewi on Thursday, April 12, 2018 3:02 PM

maxman
Which information box?

The bar (box) with two icons, and cs.trains.com/mrr/....(more info depending on the page)

The address bar.  Click on the icons.

Mike.

  • Member since
    November 2006
  • From: NW Pa Snow-belt.
  • 2,216 posts
Posted by ricktrains4824 on Thursday, April 12, 2018 9:37 PM

Is this site secure?

Depends...

Secure for talking about trains? Absolutely.

Secure for posting banking info, passwords, email addresses, etc...?

Nope.

Ricky W.

HO scale Proto-freelancer.

My Railroad rules:

1: It's my railroad, my rules.

2: It's for having fun and enjoyment.

3: Any objections, consult above rules.

  • Member since
    July 2006
  • From: west coast
  • 7,667 posts
Posted by rrebell on Thursday, April 12, 2018 10:12 PM

yankee flyer

WOW

I'm pushing 80 years and I'm not sure I will be able to keep up with this computer stuff much longer.

I was in the hospital for a month and when I got out I received a letter saying that they had been hacked and all patient records were stolen. That has caused me to be spooked  anytime I log on some where, and this is from a guy that was trained as an electronic technition in the Air Force, Of cource that was in the age of vaccum tubes. Whistling

Thanks for the help.

Lee

 

 

Nothing is secure, period. Anytime you see anything sent on a screen, it is possible for someone to hack in. Now that being said you have to be a real pro to hack these days with all the encryption ect. but it can happen. Still waiting for a big bank hack, it will happen, just a matter of time. That is why I don't do online banking.

  • Member since
    March 2015
  • 1,358 posts
Posted by SouthPenn on Thursday, April 12, 2018 10:13 PM

I am using Chrome on Windows. Chrome says this site is not secure.

South Penn
  • Member since
    January 2017
  • 2,980 posts
Posted by NWP SWP on Thursday, April 12, 2018 10:31 PM

Antivirus is good but I suggest taking your machine in to a reputable person with a degree in the field to do a scan at least yearly if not more often, I learned this the hard way when I brought my machine WITH an antivirus running to a computer tech about a software issue turns out my unit had a full blown virus/malware pandemic, I am not feeling any affects of it so I guess I wasn't too exposed. But lesson learned.

Steve

If everything seems under control, you're not going fast enough!

  • Member since
    November 2006
  • From: NW Pa Snow-belt.
  • 2,216 posts
Posted by ricktrains4824 on Thursday, April 12, 2018 10:52 PM

Antivirus software is not all made the same...

Its amazing how much certain companies antivirus will miss, compared to other antivirus companies product.

One good way to find out, is not to ask if a computer tech recommends a certain company, but instead ask, what they are using personally for antivirus software.

Most times, it is a much different answer that way.

Certain companies will pay a commission to tech's for sales. This will get you a favorable "recommendation" for said companies software.

However, those same tech's will most often not use said product, as they then do not trust it. (I am one who feels that if you must pay people to sell your product, but only pay them if they can successfully sell it, you have issues deeper than people not buying your product on their own....) 

And no, I will not bash those certain companies here. 

Nor will I make a recommendation of what to get for antivirus here.

But I will say that some are much better at their job, stopping virus and malware issues before they become issues, by preventing them from getting into your system, than others.

I will also say, never, no never, never ever, ever use that "pop-up" "virus/malware scan tool", (you all know that one....) as it actually will place a virus/malware (sometimes many!) on your computer. This allows the "company" to then "remove" it.

For a fee of course... (They can "remove" it all right, considering they "placed" it in the first place!)

That "company" is the "original ransomware" in my book!

Ricky W.

HO scale Proto-freelancer.

My Railroad rules:

1: It's my railroad, my rules.

2: It's for having fun and enjoyment.

3: Any objections, consult above rules.

  • Member since
    July 2006
  • From: west coast
  • 7,667 posts
Posted by rrebell on Friday, April 13, 2018 9:48 AM

NWP SWP

Antivirus is good but I suggest taking your machine in to a reputable person with a degree in the field to do a scan at least yearly if not more often, I learned this the hard way when I brought my machine WITH an antivirus running to a computer tech about a software issue turns out my unit had a full blown virus/malware pandemic, I am not feeling any affects of it so I guess I wasn't too exposed. But lesson learned.

 

Alot of that are scare tactics but then there are alot of people who do not use the computer wisely. I save anything important off-line. I have a copy of any programs along with core separate so I can go back to factory spec's and build back if there is a problem. In theory a virus could find the hidden factory spec's but that would be pretty powerfull malware to deploy against a person and they would proubly need to know your setup. My son once got into that space, don't know how he did it but once he reprogramed my parental codes on my satalite tv set up, a 1000 posabilitys (he is autistc).

  • Member since
    February 2002
  • From: Reading, PA
  • 30,002 posts
Posted by rrinker on Friday, April 13, 2018 5:29 PM

AV programs generally do not stop the cases where you click on a malicious email or web site. Maybe it's just me, but no computer where I am the only user (ie, no one else uses my computer) has ever been infected, despite my doing some things that the 'experts' might consider risky. Computers in the house that others use - I'm forever cleaning spyware off them.

 And what's a degree in the field? I've been in the computer biz 30 years now since graduating college. My degree is electrical engineering, so I guess that's somewhat related. One of my co-workers has been in the business about 15 years - his degree is psychology. And another never went to college. 

 There is a lot of misinformation bandied about when it comes to viruses and malware, but the easiest way to keep it off your computer is to think before you click. If in doubt, don't click. You won't miss your life changing lottery winnings, and if a message you deleted was erring on the side of caution, your friend will send you another. If a web site says you have a virus - it IS a virus, not yet on your computer, until you click. Microsoft, Apple, or any other big vendors do NOT call you to fix your computer. A Nigerian prince didn't pick you to receive his fortune. Bill Gates is not giving you part of his fortune (unless you are some worthy charity - wait, isn't my model railroad worthy of donation? Anyway..). Neither is Mark Zuckerberg. You did not win a free iPhone or iPad.

 I could go on, but it's getting off topic (notice how I slipped a reference to train layouts in there?). Bottom line, just because a site isn't using SSL doesn't mean you are automatically suddenly going to become infected with malware, despite what Google and Firefox might tell you. OMG, this site is not secure, which makes it easier for someone to steal sensitive information like passwords - ok, and do WHAT exactly with it? My password here is NOT my bank or credit card password. So you can - post here as me? Like THAT won't be noticed by anyone that's been here a while. Big clue it's not me - they pronounce it 'reeding' Laugh

                                                --Randy


Modeling the Reading Railroad in the 1950's

 

Visit my web site at www.readingeastpenn.com for construction updates, DCC Info, and more.

  • Member since
    July 2006
  • From: west coast
  • 7,667 posts
Posted by rrebell on Friday, April 13, 2018 6:03 PM

What I was refering to is the stuff banks and such are afraid of, I dought any of us would be a target but then one of us might be a master spy or something. Plenty of degrees here, just not in computers. 

  • Member since
    January 2017
  • 2,980 posts
Posted by NWP SWP on Friday, April 13, 2018 7:55 PM

The expert I referred to is a small computer store owner. I am drawing my own conclusion that having a computer whiz (or yourself if your so inclined) do a scan just to double check. That's all. Another thing is nothing, NOTHING is EVER free on the web, there's always a catch!

Far as this site I hope it's a secure site!

Steve

If everything seems under control, you're not going fast enough!

  • Member since
    August 2014
  • 251 posts
Posted by tedtedderson on Friday, April 13, 2018 9:42 PM

rrinker

AV programs generally do not stop the cases where you click on a malicious email or web site. Maybe it's just me, but no computer where I am the only user (ie, no one else uses my computer) has ever been infected, despite my doing some things that the 'experts' might consider risky. Computers in the house that others use - I'm forever cleaning spyware off them.

 And what's a degree in the field? I've been in the computer biz 30 years now since graduating college. My degree is electrical engineering, so I guess that's somewhat related. One of my co-workers has been in the business about 15 years - his degree is psychology. And another never went to college. 

 There is a lot of misinformation bandied about when it comes to viruses and malware, but the easiest way to keep it off your computer is to think before you click. If in doubt, don't click. You won't miss your life changing lottery winnings, and if a message you deleted was erring on the side of caution, your friend will send you another. If a web site says you have a virus - it IS a virus, not yet on your computer, until you click. Microsoft, Apple, or any other big vendors do NOT call you to fix your computer. A Nigerian prince didn't pick you to receive his fortune. Bill Gates is not giving you part of his fortune (unless you are some worthy charity - wait, isn't my model railroad worthy of donation? Anyway..). Neither is Mark Zuckerberg. You did not win a free iPhone or iPad.

 I could go on, but it's getting off topic (notice how I slipped a reference to train layouts in there?). Bottom line, just because a site isn't using SSL doesn't mean you are automatically suddenly going to become infected with malware, despite what Google and Firefox might tell you. OMG, this site is not secure, which makes it easier for someone to steal sensitive information like passwords - ok, and do WHAT exactly with it? My password here is NOT my bank or credit card password. So you can - post here as me? Like THAT won't be noticed by anyone that's been here a while. Big clue it's not me - they pronounce it 'reeding' Laugh

                                                --Randy

 

That's what i was going to say.  They should teach this in grade school. 

T e d

  • Member since
    July 2006
  • From: North Dakota
  • 9,592 posts
Posted by BroadwayLion on Saturday, April 14, 2018 10:24 AM

FIREWALL of LION    Super Angry

 

 

ROAR

The Route of the Broadway Lion The Largest Subway Layout in North Dakota.

Here there be cats.                                LIONS with CAMERAS

  • Member since
    February 2002
  • From: Reading, PA
  • 30,002 posts
Posted by rrinker on Saturday, April 14, 2018 12:21 PM

Lion might want to swish him bushy tail around and clear some of the dust from those servers...

                                     --Randy

 


Modeling the Reading Railroad in the 1950's

 

Visit my web site at www.readingeastpenn.com for construction updates, DCC Info, and more.

  • Member since
    December 2014
  • 25 posts
Posted by CNWman on Monday, April 16, 2018 3:31 PM

Hi Santafe.... I use googlechrome and logged in. A message came up listing cookies and it gave me the choice of blocking them. So I blocked them. It kicked me out of being logged in and now I can't log back in. So I had to go to the regular google and was able to log in here in order to even type what I'm typing now. Do know how to change the cookies choice back to accepting them in googlechrome? 

  • Member since
    February 2002
  • From: Reading, PA
  • 30,002 posts
Posted by rrinker on Monday, April 16, 2018 5:12 PM

Settings, Advanced, Privacy and security, Content Settings, Cookies.

That's another thing that goes around - that cookies are bad. Not really. Cookies are the way web sites can remember you, in this case your login status. 

If you are having login issues - make sure you aren't blocking the Model Railroader sites from saving cookies, clear your cookies, and log back in.

                                   --Randy

 

 


Modeling the Reading Railroad in the 1950's

 

Visit my web site at www.readingeastpenn.com for construction updates, DCC Info, and more.

  • Member since
    January 2015
  • From: Southern California
  • 1,682 posts
Posted by Lone Wolf and Santa Fe on Wednesday, April 18, 2018 12:40 PM

Correct, not all cookies are bad. Websites use them to keep you logged in which can be good if you don't want to have to log in every single time you go to a site. But they can be bad if you use someone else's computer because they then have access to you account if you forget to log out. I sometimes see kids update their parent's Facebook status with silly posts like, "I going to clown school so I can join the circus." Cookies also keep items in your shopping cart on sites which have on-line stores. Some cookies time out after an hour or day but some keep your items in the cart until you either buy them or delete them even several years later.

Modeling a fictional version of California set in the 1990s Lone Wolf and Santa Fe Railroad

Subscriber & Member Login

Login, or register today to interact in our online community, comment on articles, receive our newsletter, manage your account online and more!

Users Online

There are no community member online

Search the Community

ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
Model Railroader Newsletter See all
Sign up for our FREE e-newsletter and get model railroad news in your inbox!