Agnostic.com

21 33

For those who saw "Your connection is not private" message today, just want to let you know that it was just a configuration issue. Turns out that every 3 months, websites have to generate a new "key" to keep the pages encrypted (new thing started last year) and uh, I forgot to renew the key... took about 30 minutes to figure out how to do it. Whew! Sorry about the inconvenience. No data was lost/etc.

Admin 8 Apr 21

Post a comment Reply Add Photo

Enjoy being online again!

Welcome to the community of good people who base their values on evidence and appreciate civil discourse - the social network you will enjoy.

Create your free account

21 comments

Feel free to reply to any comment by clicking the "Reply" button.

6

Chrome actually explained what was up with the advice to try again in a short while as the site would be up again soon.

I saw that too

@btroje Chrome must be mad at me, it didn't explain anything to me.

@buzz13 you had to humble yourself and ask for help. What does that say about you?

4

Thanks for the clarification. I ran three virus scans, you know, because I was being paranoid.
LOL

I just did one! LOL

Your not alone doing that, I was going buggy about it.

4

Good to know. Thanks.

3

If they stole my identity, they would be worse off than they are now... Trust me.

3

thanks for the transparency Admin

3

I didn't see it - but I appreciate the information

3

nothing to hide here !

2

Thank You for All You Do.

2

Thank you! I did see that earlier and wondered about it.

2

It was spooky for a minute there

1

In my experience, SSL certificates only need to be rekeyed when they expire, which is in intervals of years.

1

Sounds good.

1

Wow. This is incredibly concerning. Do you have anyone at your company who is responsible for your network security? How are you storing our passwords? Has your software ever been security audited?

There is very little to be concerned with, unless someone explicitly goes past the warning their browser shows and then logs in. You would have to have an attacker monitoring your network traffic as well.

@indirect76 I'm worried that agnostic.com's security is weak, and that because they don't invest enough time into managing their security posture, it will put the data they have about us at risk. I do this for a living. I know what I'm talking about.

@egeste Other than our passwords, I would assume any data the site has is publicly available. As long as the passwords are stored as salted hashes, I’m fine. Even if passwords are less secure, I use different passwords for each log in I have. Though I doubt most users are as security minded as you and I.

1

Thanks for the info

1

No worries, keep up the good work !!!!!

1

Well alrighty... thank you.

1

Thanks!

1

Good to know, I was (temporarily) worried, but I had faith in you! Well, let's not say faith, let's say confidence!!! LOL

1

Thank you very much for the update. 🙂

0

Thanks for the info. I was wondering what was up with that.?

Emme Level 7 Apr 22, 2018
0

I thought it'd just be an SSL expiry.

Every three months, though? I manage an SSL web server for work, and we renew the certificate on that annually.

Write Comment
You can include a link to this post in your posts and comments by including the text q:63395
Agnostic does not evaluate or guarantee the accuracy of any content. Read full disclaimer.