HTTPS Upgrade

[ConnorJC]

I helped? Guess I did some work in my sleep.

Anyways, onwards to HSTS and better CSPs!
"Let's make MS secure again."

[ConnorJC]

Would uploading images make them more secure than linking them?

Uploading to another site, like imgur?

Theoretically, considering imgur is less likely to screw up proper https then some random site.

[ConnorJC]

Or upload to this site.

Can normal users upload to the site?

[ConnorJC]

Probably not, but it would make images more secure.

Imgur is (for the moment) more secure than MafiaScum.

[ConnorJC]

its 2017, how is no HTTPS still a thing

Because HTTP/2 is still not a thing.

Fortunately let's encrypt is fighting the good fight for SSL everywhere.

[ConnorJC]

Just a note, if the HTTPS uses SHA-1, Google will be posting the break in 90 days.

http://www.theverge.com/2017/2/23/14712 ... -shattered

I don't think you can even get a SHA1 signature nowadays. Don't worry, the encryption is secure.
(Although, note that HTTP links to MS are currently

not

secure, so do be careful around those.)

[ConnorJC]

From what I'm reading all the major broswers would pop up and inform users they were on a SHA-1 site if MS was using it.

The connection to this site is encrypted and authenticated using a strong protocol (TLS 1.2), a strong key exchange (ECDHE_RSA with P-256), and a strong cipher (AES_128_GCM).

Although it seems the certificate is issued to wiki.mafiascum.net, even when viewing the forums.

We have one certificate for all subdomains.

Don't worry, our encryption is secure.
The only thing to worry about is HTTP links.