My cyber security firm website went live a few days ago. If anyone would like to join our forums and talk about hacking and all things infosec please do. Anything outside of that you can comment here, New users you can just go to the site and sign up and start using and spreading the forums.
To login and register the button are at the button of the forum, I'll be changing that later to a more suitable place.
If you have any questions about the company please feel free to message me here, also if you have any suggestions let us know by commenting here. Suggestions can include new subjects for the forum etc. Since we're a new forum suggestions will be taken with open arms as long as it fits our theme.
I don't mean to be a killjoy but isn't having a site and forum about cyber security and not using HTTPS a little bit strange? imo every site should be using HTTPS now and I wouldn't want to subscribe/login to any forum that doesn't protect my form inputs. Unless that is in the works and you haven't enabled it yet but you really should look into it soon if you want anyone to take the site seriously.
So unfortunately we're running lean and the Https/SSL cert provider our host uses isn't secure, we decided to hold off using insecure certs till we can afford to have VPS in which we can install secure certs for using HTTPS/SSL.
Sorry for the inconvenience but this was a choice made by us as well as talked with the infosec community at Defcon and Derbycon before making the choice to launch without the HTTPS/SSL cert.
Even with what I said below if you feel its a needed thing. Even with the given risk of it already being an insecure cert I can go and place it on the site. But to be honest shit security isn't any better than none.
Thank you for understanding, trust me its really annoying, I've worked in the industry for a long time and not being able to follow my own simple guidelines to security pisses me off more than anything. it won't be this way for long, but even with this minor set back I do hope you join our forums and more people do as well.
Thank you
Also not a killjoy at all you did the right thing in letting me know ( I knew already) but for your own safety you did the right thing.
I find it hard to believe anyone would recommend not running TLS on at least your login and register pages. You should sort that, at minimum. Your site seems slow as well, and your IP seems to come from a former known service for spam.. maybe look into that.
Your topic may break the rules, fyi, posting to advertise commercial services isnt allowed, someone else will look at that though.
You don't think I would if I could? because of the shared hosting which is something everyone uses I can't install my own certs. Until I go and grab a VPS which since we're running lean at the moment can't really do. Like I said the certs they use are worthless broken security isn't better than none.
is your site intended for current proffesionals, enthusiasts, begineers? whats the mision? what was the motive for starting the site?
just a few questions i think would be useful to answer here. you probably answered them on the site, but ill be honest im not going to click a hidden link to a site about security, with out naming the site, or the company, or mision or intent.. because my tinfoil hat is strong..
My site is a company site, which has a forum the forum is fully built but added little features I want are being worked on currently. The forum is for everyone novice and pros or people who are just curious. The mission and motive behind the site is I have a small cyber security start-up, it also has a place for blogs and a forum for members to come and enjoy talking about security and other tech related things but with a major focus on security. The company is called Koda Ops. I hope this helps with your tin foil hat radar.
Not meaning to be rude, but when a person assumes I haven't heard of "Possible solution" without first being well versed in why the certain situation is there it's very annoying. Also the SSL issue has been fixed already so it's no longer a concern.
Something that's dedicated to security, while you may be able to find many other tech related things here, the section related to "Hacking" is sorely lacking. If you checked out the forums you'd see the different sections that we have. This would be for a person more security orientated or a beginner who wants to learn as much as they can in a controlled area. We have dedicated sections for different knowledge levels as well. and soon we'll have a mentor program filled with some very amazing people. give it a go and try if you hate it or it doesn't grow in time you can ask and your account will be deleted. also, it's ad-free so no worries about ads.