We don't bite newbies here... much | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
As Anonymous Monk wrote, this is an uplevel decision. PerlMonks is a public site, and the only assets it keeps are the reputations of its members within, and to a certain degree to the outside world - and private scratchpads. Then, of course, the innards of the engine running this site. Stolen credentials from this site generally aren't an entry point for higher level mischief, as are e.g. credit card numbers and their checksum digits, except for cases were monks reuse their password on this site for logins elsewhere. So there is no need to encrypt the general traffic, but the login process should be diverted to https by default imho. During all my time here at PerlMonks I have never been impersonated, not even after the famous hack which disclosed a fair number of logins and passwords. The most important major security improvements necessary for this site are, in my eyes
These would comprise changes not only to nodes of the everything engine, but also to database tables. As always, the urgent doesn't leave time for the important...
perl -le'print map{pack c,($-++?1:13)+ord}split//,ESEL'
In reply to Re: End of HTTP?
by shmem
|
|