31 posts tagged with security.
Displaying 1 through 31 of 31. Subscribe:

PSA: "Stylish" browser add-on steals your internet history

The popular "Stylish" browser extension, which allows you to download custom styles for a given site (such as making text more readable, removing UI cruft, or adding a professional white background), has been silently logging its users web activity for the last year and a half. The new owners of the add-on at the time, SimilarWeb, offer products including “Market Solutions To See All Your Competitors’ Traffic.” [more inside]
posted by Riki tiki on Jul 3, 2018 - 12 comments

MetaFilter is moving to https as a default

A week from now, we'll be updating MetaFilter to always serve https pages instead of http! You most likely don't need to care at all that this is happening, but I'll explain what it means below. Come on in! [more inside]
posted by cortex on Nov 16, 2017 - 96 comments

Can't find post about infosec/hacking challenges

I could have sworn that a few months ago someone posted an FPP to a webpage made by a couple of guys who designed some interesting "real world" infosec/cryptography/hacking exercises meant to expand awareness of internet security, and now I can't find it anywhere. [more inside]
posted by stoneandstar on Nov 18, 2016 - 4 comments

Is it possible to request a 'Force SSL' option in the User Preferences?

The EFF offers HTTPS Anywhere, but it's not available for all browser, and fails on some script calls. As a feature this would be amazing. Thank you!
posted by four panels on Jan 31, 2016 - 48 comments

Improve Account Security With This One Weird Trick (Hackers Hate It)

We've improved password security on Metafilter. So, hey, update your password! [more inside]
posted by cortex on Apr 22, 2015 - 74 comments

Password Security Update

We're changing the way we store passwords at MetaFilter. You can help us test the new system by changing your password today. [more inside]
posted by pb on Apr 17, 2015 - 97 comments

So, what would be the fallout of a MeFi security breach?

Are my embarrassing anonymous questions permanently associated with my regular account? I think I used a credit card to pay for my registration; is my credit card information (and thus real name and address) still on record? [more inside]
posted by mf_ss on Feb 18, 2015 - 70 comments

Heartbleed SLL bug vulnerability

I've got the Chrome addon for the Heartbleed server test site and it's just given me a message saying that metafilter.com is vulnerable to the Heartbleed SSL bug. More information about the bug.
posted by divabat on Apr 8, 2014 - 50 comments

Metafilter Data Retention Policy?

What protocols does Metafilter have for dealing with a National Security Letter? (Inspired by this post.) [more inside]
posted by anemone of the state on Aug 8, 2013 - 78 comments

Malware warning on almost all links including contact form

Just an FYI, anything I click link-wise, although NOT the new-post button, returns this warning in chrome. [more inside]
posted by TomMelee on Feb 3, 2013 - 62 comments

How strong is your MetaFilter password?

How strong is your MetaFilter password? [more inside]
posted by Egg Shen on Aug 6, 2012 - 201 comments

Speak Friend, And Enter

It would be nice if the system would generate an automatic email confirming password resets. [more inside]
posted by BitterOldPunk on Dec 13, 2010 - 28 comments

MeFi > NYT

MetaFilter, on the other hand, fixed its site within two days of being told about it… [more inside]
posted by oaf on Oct 7, 2008 - 37 comments

metafilter.com redirecting to login page

www.metafilter.com just redirected me several times to the login page. Then I received a warning message about security certificates. I chanced it and logged in, now everything's normal. Anybody else getting this? (btw, subdomains also redirected me to the login page). [more inside]
posted by Baby_Balrog on Sep 30, 2008 - 19 comments

the bad bad internets

so, about this post --> http://www.metafilter.com/73909/History-of-the-DC-Universe ... please read all of more inside first before looking at the post. [more inside]
posted by yeoz on Aug 7, 2008 - 44 comments

Whoa - security/cookie issues?

Whoa - security/cookie issues? [more inside]
posted by jkaczor on Jul 21, 2008 - 15 comments

Fears for Obama's safety not a reasonable topic?

This post which raised the issue of fears among some in the African-American electorate that Barack Obama would not be safe as president. The thread was shut down for reasons of WTF. Not exactly sure what the problem was, and I was disappointed, as I had recently heard about this and was hoping the thread would shed some light on the issue. This NYT article would be a good starting point for discussion.
posted by flotson on Jan 6, 2008 - 47 comments

New login system, finally!

We've finally finished a several month long project today by reworking the back end of Metafilter to bring site security practices up to date. The new login system we were testing yesterday is now live for everyone. And you can even change your password now, after 8 years of everyone asking! [more inside]
posted by mathowie on Nov 29, 2007 - 75 comments

I didn't request my password?

I got a "Your MetaFilter password request" e-mail but I didn't request my password? [more inside]
posted by zaphod on Sep 13, 2007 - 26 comments

Firefox Vulnerability Issue

New firefox vulnerability leaves people open to password theft:

Proof of concept here

Does metafilter strip out form tags?
posted by empath on Nov 22, 2006 - 22 comments

Is MeFi protected against cross-site request forgery?

Is MeFi protected against CSRF? I know the logout link isn't (should be a form button anyway) and could be triggered by displaying an image to a MeFi user, but if the forms are vulnerable things could get nasty (imagine someone posting a link that changes your prefs, or makes you create a post, etc.). Just askin'...
posted by malevolent on Oct 22, 2006 - 97 comments

Will MetaFilter get persistent SSL?

Will MetaFilter get persistent SSL, like Craigslist?
posted by The Jesse Helms on Jul 3, 2006 - 16 comments

Tell us when TSA actually finds something...

Is there anything that makes this post good? (mi)
posted by bigmusic on Apr 19, 2006 - 20 comments

Are you taking away our freedoms for your security?

Ok, in this comment by #1, it is revealed that user pages have been considerably further locked down. I wonder, is all that extra security still in place? [more inside]
posted by mystyk on Dec 12, 2005 - 23 comments

username entity-ified

eponymous blargh registered himself a sock puppet using html entities which looks exactly like my username. thank you.
posted by quonsar on Jul 17, 2005 - 19 comments

SSL for Metafilter

I've been spending lots of time on wireless networks lately, so I finally up and got an SSL certificate for MetaFilter. Enjoy. Eventually I'll try to get all the user/pass pages going through https:// to make the site more secure.
posted by mathowie on Mar 9, 2003 - 44 comments

The recent hardware upgrade left the server vulnerable to worms

Alas, there was a critical fact overlooked on the recent hardware upgrade, one which left the server vulnerable to the [sapphire|slammer|SQ hell] worm. All's better now.
posted by delfuego on Jan 25, 2003 - 17 comments

What exactly is it that just happened to Blogger?

What exactly is it that just happened to Blogger? I saw hints that there had been some sort of security breach, and now everything is inaccessible. (And the Blogspot server is outright offline as I write this.) There was some sort of password break?
posted by Steven Den Beste on Dec 26, 2001 - 38 comments

IE has a huge, gaping hole

IE has a huge, gaping hole that allows executable files to be downloaded and run on the computers of browsers.

Pynnonen revealed that the bug lies in IE's processing of Internet addresses and "header" information that tells the browser what type of file it is handling. The flaw is particularly dangerous because it can be exploited using ordinary Web page code, without help from JavaScript or other scripting programs, he said.

thanks to the wonder of non-disclosure agreements, we won't know the precise nature of the bug (yet), but this one sounds bad.
posted by moz on Dec 11, 2001 - 4 comments

the comment submit box has my user password stored as clear text

I was looking at the source in the Auto-close Open Tags thread, and I noticed that the comment submit box has my user password stored as clear text. It's not like MeTa/MeFi need to be highly secure, but I'm wondering if there is a better way to handle that.
posted by willnot on Nov 4, 2001 - 9 comments

what stops people from using metafilter like metababy?

what stops people from using metafilter like metababy? Is it understood? Is some sort of Hive Mind at work here? Although you retain final edit control Matt, what stops someone from entering malicious code or javascript that provides information about members to a second source unnoticed? Is there some sort of preventative measure I don't know about?


posted by Neale on Apr 17, 2000 - 6 comments

Page: 1