Only after login into this website the connections turns into TLS-based. From my point of view this is unacceptable to submit the credentials unencrypted. I also miss a higher level of transparency of this website to the security establishment of the UK. From previous posts of others
starting to question, the owners can simple block me out. Yes, you an. But is this really the good way?
I will happily look into any concerns you have, please PM me to continue the discussion.
Thank you admin for hangin
Just landing on FF before the first click, the connection is not secure. Its not me saying this, Chrome 71, up-to-date, says this.
Before trying this by yourself, make sure you clean off all cache and cookies.
Transparency should be public here, I respect your offer for PM, but this leads to intransparency. See it the other way around, by increasing transparency you build trust. People mistrusting FF will be silent readers, but not posters or contributers.
Public forensic/hacking know-how is critical. If FF is the long arm of GCHQ this is ok, but to publicly not knowing - I may did not find it in the website rules and disclaimers seems problematic.
If you feel I am speaking to open about security issues, I apologize and will join the silent readers. Respectfully yours.
I can only assume you were landing initially on a non-https version of the site for some reason (forcing https is currently being tested). In any event, please note that questions or concerns about site security should be sent through the contact form at https://www.forensicfocus.com/contact (or to me via PM) to ensure that they are read promptly and replied to/actioned if necessary. I note your concerns regarding transparency but these forums are intended strictly for the discussion of digital forensics, not site-related issues which you wish to bring to the attention of management - please bear that in mind going forward, thank you.