Ethnographic Arms & Armour
 

Go Back   Ethnographic Arms & Armour > Discussion Forums > Ethnographic Weapons

Reply
 
Thread Tools Search this Thread Display Modes
Old 26th March 2017, 12:45 AM   #1
Bob A
Member
 
Join Date: Feb 2014
Posts: 309
Default "This site may be hacked"

Per Google. When I accessed it from my new laptop, I rec'd that message. Later looking up vikingsword on Google, the message apeared just below the site link.

I have no idea whether there's any truth to the message, but I thought I'd mention it here. If anyone cares to fwd to an admin, please do so; I've no idea how to proceed beyond posting the information.
Bob A is offline   Reply With Quote
Old 26th March 2017, 04:12 AM   #2
kahnjar1
Member
 
kahnjar1's Avatar
 
Join Date: Aug 2007
Location: CHRISTCHURCH NEW ZEALAND
Posts: 2,615
Default

Quote:
Originally Posted by Bob A
Per Google. When I accessed it from my new laptop, I rec'd that message. Later looking up vikingsword on Google, the message apeared just below the site link.

I have no idea whether there's any truth to the message, but I thought I'd mention it here. If anyone cares to fwd to an admin, please do so; I've no idea how to proceed beyond posting the information.
Hi Bo9b,
I assume this WILL be picked up here but if you send a PM to Lee (see Member List) he will be able to assist. Alternatively his email is ljones@vikingsword.com
Stu
kahnjar1 is online now   Reply With Quote
Old 26th March 2017, 04:34 AM   #3
Battara
EAAF Staff
 
Battara's Avatar
 
Join Date: Dec 2004
Location: Louisville, KY
Posts: 6,729
Default

I just tried getting in from Google just now and no problems.......
Battara is offline   Reply With Quote
Old 26th March 2017, 04:53 AM   #4
machinist
Member
 
Join Date: Oct 2010
Posts: 93
Default

I have noticed the sword at the top of the page has changed recently, perhaps hackers are responsible.
machinist is offline   Reply With Quote
Old 26th March 2017, 05:55 AM   #5
Rick
Member
 
Rick's Avatar
 
Join Date: Nov 2004
Posts: 5,966
Default

I don't think so.
We had for years a Takouba.
I think Lee may have switched the sword to match the Vikingsword forum name.
Rick is offline   Reply With Quote
Old 26th March 2017, 07:42 AM   #6
Gavin Nugent
Member
 
Gavin Nugent's Avatar
 
Join Date: Oct 2007
Posts: 2,464
Default

http://www.vikingsword.com/vb/showth...ghlight=hacked
Gavin Nugent is offline   Reply With Quote
Old 26th March 2017, 07:53 AM   #7
kronckew
Member
 
kronckew's Avatar
 
Join Date: Mar 2006
Location: CSA Consulate, Rm. 101, Glos. UK: p.s. - Real Dogs Have Feathering.
Posts: 3,550
Default

it'd be better to be accessing via the more secure https://www.vikingsword.com/vb/,
rather than the unencrypted http:// version.
kronckew is offline   Reply With Quote
Old 26th March 2017, 08:54 AM   #8
David R
Member
 
David R's Avatar
 
Join Date: Jan 2011
Posts: 716
Default

Quote:
Originally Posted by kronckew
it'd be better to be accessing via the more secure https://www.vikingsword.com/vb/,
rather than the unencrypted http:// version.
And that's the link that threw up the warning header for me just now.
David R is offline   Reply With Quote
Old 26th March 2017, 10:19 AM   #9
fernando
Lead Moderator European Armoury
 
fernando's Avatar
 
Join Date: Dec 2004
Location: Portugal
Posts: 8,427
Default

Quote:
Originally Posted by Rick
I don't think so.
We had for years a Takouba.
I think Lee may have switched the sword to match the Vikingsword forum name.
Yes indeed
fernando is offline   Reply With Quote
Old 26th March 2017, 02:49 PM   #10
Lee
EAAF Staff
 
Lee's Avatar
 
Join Date: Nov 2004
Location: Upstate New York, USA
Posts: 765
Exclamation If wishes were horses...

1. This site has never had, nor ever been configured for, a security certificate. It has always been under the regular old http (hypertext transfer protocol.) The secure protocol (https) is essential for banking, e-commerce and medical record sites and such where sensitive financial or other data is being passed back and forth. So, probably similarly sensitive information should not be included in private messages here, as it would travel on the internet unencrypted and you will be relying on it being a needle in a haystack.

2. Matchlock had complained of the takouba in the forums logo (preferring a European medieval sword he had seen in an auction) and I had promised to change it 'when convenient.' When I switched back from the seminar announcement, I did so, though I remain somewhat unsatisfied with the result.

3. I have seen Google's 'this site may be hacked' message myself on occasion. I followed the links the first time and was directed to register some sort of account and install something and then they would reveal to me what was of concern. I did not enter that gauntlet of hoops. I looked at the html of the top pages and nothing was out of order. I killed some dead links and links that had gone sleazy.

4. If any member actually encounters any page that is part of this site with suspicious material or encounters sleaze when following a link from here, please report it to me. This site is maintained on a 'shared' server and that may sometimes result in 'blacklisting' when there is malfeasance on any of the sites hosted on that server. Similarly, this site has been blocked by some shabbily coded 'net nanny' software because of the presence of such words as 'weapon.'

5. Offers of paid advertising (i.e. renting out your eyeballs) are regularly and uniformly rejected and donations are neither sought nor accepted. Life is much simpler and better this way. Maybe someday this community will create a proper nonprofit organization to administer and maintain this project and with that will come updated and professionally administered services (likely along with an end to the budget restricting policies noted in the first paragraph of this paragraph).
Lee is offline   Reply With Quote
Old 26th March 2017, 04:19 PM   #11
kronckew
Member
 
kronckew's Avatar
 
Join Date: Mar 2006
Location: CSA Consulate, Rm. 101, Glos. UK: p.s. - Real Dogs Have Feathering.
Posts: 3,550
Default

google is 'encouraging everyone to go to https

see https://www.freshleafmedia.co.uk/blo...te-be-on-https, amongst others...

Quote:
Why should I use it for my website?

Well, if you’re sending any information you wouldn’t want a third party to get their hands on, HTTPS makes sense. It’s not true to say that you only need HTTPS if users are submitting credit card details to your site (although you definitely need it then, and you should never put your own credit card details into a site that isn’t secured using HTTPS). It means that any websites that have any passwords or personal information submitted to them should run on HTTPS. A good example is your Content Management System, or CMS. Many sites nowadays have a CMS that runs on the same domain as the website. So you might log in to edit your site at www.yoursite.com/cms or www.yoursite.com/wp-admin. Into that login page you put the password that enables you to edit your public-facing website. Do you really want that to fall into the wrong hands?

If that’s not enough reason (and it really should be), consider this: since 2014, Google has been pushing ‘HTTPS Everywhere’, an initiative to make the web more secure by moving all web traffic onto the secure protocol. That year the search giant announced a minor rankings boost for sites using HTTPS, meaning that it can factor into a website’s search results position. Now they’ve also announced that any website accepting credit card details or passwords via HTTP will be slapped with an ‘insecure’ warning in the latest version of Google’s Chrome browser. Google’s pushing for HTTPS, and its sanctions against sites not using it will only get stronger as time goes on.
What does it cost?

Until recently, cost was sometimes cited as a reason not to use HTTPS. Secure certificates were (in some cases) expensive to obtain, complex to configure, and had to be renewed annually. However, in April 2016 a new certificate authority, Let’s Encrypt, was launched, offering free certificates and an automated process that replaces the manual creation, validation, signing and installation of certificates… giving everyone one less reason not to use HTTPS.
note especially the bold bit, and the italic bits i've highlighted. the 'or passwords' in particular. might be why some people get warned, are they perchance using chrome? firefox is heading that way too, i get the message on some sites.

as noted if you get any message offering to fix an infection of your pc by visiting a link in a warning message, avoid it like the plague. because it IS the plague & they will infect you and try to extort money from you.


note: my browser address bar indicated that the vikingsword site is connected securely (encrypted) if i use the https address, so there's a security certificate out there somewhere in your cluster. note the little closed lock between the site favicon on the https address, it indicates the connection is encrypted. maybe your isp or hosting provider has gifted you.

edited:

have added an attachment of the message i get connecting via https in chrome, ie, and edge. appears there is a certificate but it's revoked. firefox allows for exceptions. note the upper screenshot is from firefox that is allowing connection, the seperate lower with the warning is from the other browsers. maybe your hosting co. has an expired certificate? you might want to ask them what's up. and get a free one from the company mentioned above...like chicken soup for a cold, it's can't hurt...
Attached Images
  

Last edited by kronckew; 26th March 2017 at 04:49 PM.
kronckew is offline   Reply With Quote
Old 27th March 2017, 10:06 PM   #12
Royston
Member
 
Join Date: Mar 2008
Location: Poole England
Posts: 425
Default

I have been a member for a few years now and always intended to ask this question.

Why is the site called vikingsword when it is the Ethnographic Arms and Armour Forum ?

One could argue that any culture could be classed as ethnographic, but then why separate European from Ethnographic.

I do not have a problem with this, I was just wondering about the origin of the name.

Regards
Roy
Royston is offline   Reply With Quote
Old 28th March 2017, 03:56 PM   #13
Lee
EAAF Staff
 
Lee's Avatar
 
Join Date: Nov 2004
Location: Upstate New York, USA
Posts: 765
Cool Of course prices have since risen...

When this project began in 1997 the focus of the site was European medieval swords with a special emphasis on the swords of the Viking Age. If you go to the root directory you will still see this. For the would-be collector of the genuine article, such collecting is a fairly lonely activity and Internet discussion activity was very much focused on modern replicas of widely varying quality.

Royston, you will find that our interpretations of the meaning of 'ethnographic arms and armour' are pretty similar - see the Collector's Guide which is the descendant of the original ethnographic page. My collecting interests have always been a bit migratory and the original version of that page was written during boring non-relevant (to me) moments of a professional conference. The intended message at the time was that there were a lot of very reasonably priced pre-industrial arms in the antique market showing great design and ingenuity and that the frustrated would-be collector of European medieval swords could find exciting artifacts from other cultures well within their actual reach.

When the current forums software was implemented, it was just the main ethnographic discussion forum and swap. The previous UBB forum did have a European medieval sword section and it was dead. Antique arms collectors do tend segregate and the sub-forums we now have arose from user requests.

-----

I have researched and continue to research the https suggestions. Apparently, turning it on is cheap and easy and the forums software is fairly compatible, especially as we have forced use of the attachments feature. However, it also appears this would generate a lot of chaos and broken links for many users. More investigation is to be done, but for now it looks like this will be a consideration when there is an upgrade to a newer version and a migration to vikingsword.org for the forums.
Lee is offline   Reply With Quote
Old 28th March 2017, 08:36 PM   #14
kronckew
Member
 
kronckew's Avatar
 
Join Date: Mar 2006
Location: CSA Consulate, Rm. 101, Glos. UK: p.s. - Real Dogs Have Feathering.
Posts: 3,550
Default

thanks for keeping us informed, lee.
kronckew is offline   Reply With Quote
Old 30th March 2017, 12:27 PM   #15
BANDOOK
Member
 
Join Date: Jun 2013
Location: AUCKLAND,NEW ZEALAND
Posts: 623
Default

Quote:
Originally Posted by kronckew
thanks for keeping us informed, lee.
GREETINGS ADMIN
AS ALL HAS GONE MOBILE ,ANY WAY WE CAN HAVE A APPLICATION WHICH IS MOBILE FRIENDLY ,AS MORE AND MORE MEMBERS WILL BE USING MOBILES ,I AM AWARE THERE IS A PRICE DUE TO COST SO AM READY TO PAY A FEE EVERY YEAR AS I LOVE THIS SITE ,BUT WE HAVE TO KEEP UP WITH TECHNOLOGY.
ITS JUST A SUGGESTION AND I RESPECT ADMINS VIEWS AND RULES BUT WOULD REQUEST TO CONSIDER.
REGARDS
RAJESH ALVA
BANDOOK is offline   Reply With Quote
Old 30th March 2017, 01:58 PM   #16
Lee
EAAF Staff
 
Lee's Avatar
 
Join Date: Nov 2004
Location: Upstate New York, USA
Posts: 765
Red face Upgrade Issues

Such an accommodation will ultimately come with the eventual upgrade mentioned in my previous post. One question is whether to start the active forums anew as we did 11 years ago, leaving this online as an archive or whether to attempt a full migration with the update. Each option has its advantages and disadvantages. The fresh start option could be on vBulletin's hosted service that would automatically have all updates applied.

I personally dislike these now ubiquitous mobile devices for the all too common phenomenon of, when the thing chirps for attention, the person I had been conversing with face-to-face instantly drops our conversation mid sentence. Want to define 'lonely' in the 21st century? - it is being in a room where everyone else has a mobile device and you do not. I also dislike the redesign of the internet world to accommodate these devices, leaving my desktop with a broken experience. Once an early adopter, I have evolved into a techno-Luddite. Who would have thought?

I also have zero personal interest in attempting to administer a subscription / donation / advertising model. None. I have discussed with the Moderator Team in the past the prospect of creating a properly governed non-profit organization to maintain this project and to carry it forward.
Lee is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 09:24 PM.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2021, vBulletin Solutions Inc.
Posts are regarded as being copyrighted by their authors and the act of posting material is deemed to be a granting of an irrevocable nonexclusive license for display here.