[Req] HTTPS protocol support on Sonsivri

[LithiumOverdosE]

Is there any chance for Sonsivri to support HTTPS?

Shouldn't be to hard for admin to enable it and it would provide additional level of security for members. Especially with all the pressure rising from governmental institutions in various countries.

[solutions]

I think HTTPS may make it EASIER for these busybody governments to point a finger at someone.

Why not just use a free proxy server?  That's what I do here where I am when I get a government intercept and need to get to a site (some sites that really should not be blocked, but can't stir up trouble by asking why). Proxies are HTTPS without the certificates etc to point a finger at your machine.

[LithiumOverdosE]

Well, there is some truth in what you say.

However there are two things to consider:

1. IP adress of Sonsivri is known and the server is in Sweden. Which is great up until the point that Sverige government decides to go against it (I hope we have some backup plan in that case). So HTTPS won't be any news to them.
2. If you're talking about HTTPS giving tip to the authorities in the countries of users I'm not clear on that on either. Most of the ppl I know use HTTPS everywhere it's possible and there are number of plugins for browsers allowing that (Firefox HTTPS Anywhere for example). Also, a number of people are using encryption for mailing in order to protect business information. Not to mention that most torrent users are using encryption and commercial usenet servers are routinely offering SSL option.

In any case, I still think that HTTPS would be a good idea.


BTW- maybe I'm missing something but why are web crawlers allowed to index Sonsivri pages?  Membership is by invitation only and all those indexed pages with link to soft are just drawing unnecessary attention (see point 1.) That said, no criticism is meant, I'm just perplexed.

[pickit2]

BTW- maybe I'm missing something but why are web crawlers allowed to index Sonsivri pages?  Membership is by invitation only and all those indexed pages with link to soft are just drawing unnecessary attention (see point 1.) That said, no criticism is meant, I'm just perplexed.

That was the decision of Sonsivri forum owner, and that is based on Belief that all infomation must be free to all.
If forum rules are followed, ie: just one example. no files to be posted (hosted on site), Direct links only, then we have a case that we are a none trading group.
these are some of my reasons for, why I'm in the sonsivri forum.

plus I have a big shiny mute button

[LithiumOverdosE]

Ah, now I better understand the rationale behind such policy. Although I don't really understand why links cannot be hidden by script or put in text files only (or at least passwords of posted files). In that way information regarding exchange of knowledge would still be free but it would provide additional layer of protection.

Anyway, that's IMO of course and I will respect admin's decisions. 

BTW - is the database with users IP at least encrypted and safe?

[optikon]

That was the decision of Sonsivri forum owner, and that is based on Belief that all infomation must be free to all.
If forum rules are followed, ie: just one example. no files to be posted (hosted on site), Direct links only, then we have a case that we are a none trading group.
these are some of my reasons for, why I'm in the sonsivri forum.

plus I have a big shiny mute button

I also agree with this rationale and I also would very much like to see links posted in text files. I try to do it if I remember, and I'd like to see it happening more often.

[dead_chess]

BTW - is the database with users IP at least encrypted and safe?

is it ?

[Tech_n]

I think https has sense, because when using http over proxy servers, the plaintext can be sniffed. With SLL and correct cert this is not possible...
The second qustion, why to log all IP of users..?

[pickit2]

I think https has sense, because when using http over proxy servers, the plaintext can be sniffed. With SLL and correct cert this is not possible...
The second qustion, why to log all IP of users..?

so it makes it easier to spot you and your other muted accounts...
plus others that use such as the lame proxie IP known for hacking sites...
This makes 5 muted users with that IP.