Login Warning

[archangle]

This particular warning says the certificate was valid, but expired on 8/23/2012.

What this kind certificate does is:

1) help verify that someone hasn't hijacked the network between you and xxx.com and you are actually logging into another site that's trying to steal your password or some such.

2) help make sure that no one snooping on the internet somewhere between you and xxx.com can see what you are typing and reading there.

Cpaptalk.com appears to only use "SSL" on the login screen, so only that page is protected. Big brother, big business, or hackerman can easily snoop on what you read and post here.

I wouldn't worry about it in this case. Who really cares if someone steals your cpaptalk.com password? Unless you use the same ID and password on your bank account or some such.

I disagree with those who are skeptical about SSL certificates. Used properly, they are important security safeguards.

[DoriC]

Cpaptalk.com appears to only use "SSL" on the login screen, so only that page is protected. Big brother, big business, or hackerman can easily snoop on what you read and post here.

I wouldn't worry about it in this case. Who really cares if someone steals your cpaptalk.com password? Unless you use the same ID and password on your bank account or some such.

I disagree with those who are skeptical about SSL certificates. Used properly, they are important security safeguards.

GULP!! Just changed my password!!

[chunkyfrog]

Could the numerous nonsense spam postings be attempts to "phish" us?

[Pugsy]

Could the numerous nonsense spam postings be attempts to "phish" us?

Doubtful. I have never got any attempt to glean personal information pop up here at all.

The security thing happened because it expired and happened to occur at the same time they were trying to sort out all those SQL errors and the servers were down for a while. Made it look worse than it was.

Other than my personal email account there is nothing that any hacker could glean from my presence here or accessing my account.
It doesn't really matter....a few weeks ago my husband did something totally stupid (got a pop up saying he had won a $1,000 gift card to WalMart) and you know what he did and now I am on everyone's spam list. If it wasn't so much trouble to change everything tied to that email address I would close it.

[DoriC]

So what did he buy at Walmart?

[archangle]

The warning from yesterday was NOT a security breach. If you looked at the data in the warning, it clearly indicated that their security certificate was valid, but it had just expired. It's no more suspicious than someone producing a drivers license that looks valid, but it expired yesterday.

cpaptalk.com and cpap.com appear to be class acts. They appear to be honest. They also seem to take more care of the technical details than some other discussion boards.

However, even the billion dollar companies with full time high dollar IT (computer) staffs get their websites and computers hacked.

You should consider what happens if a web site you use gets hacked. Assume it's completely controlled secretly by computer criminals looking to steal things. The real owners may not even know anything is wrong.

Think about what could happen.

Someone could get your password and userid used here. Does that ID and password unlock anything else, such as your e-mail account, which could then lead to other web sites you use?

Someone could find out your e-mail address associated with cpaptalk. Do you use the same password for that account?

Can that e-mail account be used to find or reset your password on accounts at your bank, or paypal and steal money?

They could get your IP address, which, with some effort, can be used to figure out your home address, or at least an approximate location.

They could read all your private messages sent on the board. Did you tell someone your real name, etc.? Can they get useful information for identity theft? Did you put your birthday on a web site anywhere. Can they then find your facebook account where they can then find out your uncle's last name and then figure out your mother's maiden name? Did you send a prescription via e-mail or get a medical bill that has your social security number?

They could bury malware (viruses, etc.) in the board such that just browsing to the page could take over your computer. The computer guys try to be sure that holes in the operating system (like windows or mac) don't have security holes, but you have to stay up to date, and use a good antivirus. Even if you do everything right, including antivirus and operating system updates, the bad guys sometimes find the security holes and use them before the good guys do.

They could masquerade as someone else and post a message or PM that says "There's a bug in XYZ that could crash your computer. You need to go to resmed.updates23.com/softwareupdate/bugfix.exe and get the fixed version of the software." The site looks legit, but it's not resmed, and it's got malware.

I'm constantly shocked by the info people put on Facebook. Real birthdays, names of their friends, home addresses, family member names (mother's maiden name), vacation schedules, pictures of valuable items in your house, etc. One stupid teen posted pictures the other day of the money her grandmother kept in her mattress, and a home invasion followed.

[Sir NoddinOff]

Archangle: Telling it like it is, bro. Some people just don't have a clue how dangerous their online behavior can be!

[Pugsy]

So what did he buy at Walmart?

I wish he had bought something at Walmart. He says to me "Hey, I won a $1,000 gift card for WalMart" "I was the millionth visitor at so and so website"... I just shook my head and asked him if he gave email and phone number?
"Oh yeah"....Poor guy, had totally forgot that he was told to never ever respond to crap like that. Now I get about 50 spams a day where maybe I had one a month before and he is getting all sorts of sales phone calls. Not to mention the junk mail at the house has doubled. Of course there is no card for WalMart unless I want to give more personal information and that ain't gonna happen. He learned a lesson that I doubt he will ever forget.

[chearyshe]

I'm RICH (not)! I got an SMS saying that I won 1 million pounds, so just send an e-mail to such and such addy!

Thanks but no thanks and WHY did they wake me up at 3 am? I guess they didn't know I'm a relatively new hoser who values every minute of precious sleep!