Amiga.org

Amiga computer related discussion => Amiga Software Issues and Discussion => Topic started by: XDelusion on June 25, 2010, 06:46:51 AM

Title: OWB - Can't Login to some pages. Error 60:
Post by: XDelusion on June 25, 2010, 06:46:51 AM

I'm using OWB with MorphOS. Once I turned on my cache and all that jazz so I could remain logged into Hotmail, facebook, and the like, I found that I was suddenly no longer able to even log into these pages as I could before.

Now when ever I try to login I get:

Unable to open http://Http://www.blahblahblah.com

Error 60: Peer certificate cannot be authenticated with known CA certificates.

Though I can log into Amiga.org thankfully! ;)

EDIT: I also can not upload images to Amiga.org without getting an Error 59 I believe it was.

Title: Re: OWB - Can't Login to some pages. Error 60:
Post by: XDelusion on June 25, 2010, 09:22:47 AM

In answer to my own question:

Settings

Prefs

Security

Ignore SSL Errors.

----------

Is this secure for Ebay and the like?

Title: Re: OWB - Can't Login to some pages. Error 60:
Post by: Piru on June 25, 2010, 10:08:52 AM

Quote from: XDelusion;567143

In answer to my own question:

Settings

Prefs

Security

Ignore SSL Errors.

----------

Is this secure for Ebay and the like?

You should only enable this option temporarily, as if this option is enabled any certificate will be accepted. This will make it possible to perform man-in-the-middle (http://en.wikipedia.org/wiki/Man-in-the-middle_attack) attack, even when SSL/TLS (https://) is used.

I think Fab is considering adding per site preferences to OWB, much like in other browsers. Then you could allow the self-signed certificate for the specific sites alone.

I wonder though, what did you do exactly ("I turned on my cache and all that jazz") to when you began to get these problems for valid certificates? Maybe OWB doesn't work correctly with certain kind of proxies?

Title: Re: OWB - Can't Login to some pages. Error 60:
Post by: XDelusion on June 25, 2010, 10:16:59 AM

That would be nice.

Thankx for the heads up.

How would one attack a MorphOS machine anyhow?

Title: Re: OWB - Can't Login to some pages. Error 60:
Post by: Piru on June 25, 2010, 10:32:25 AM

Quote from: XDelusion;567151

How would one attack a MorphOS machine anyhow?

Well, assuming the attacker would get access to your network connection they could present their own ebay site (with https and all) and steal your logins. Same for your banking site. It's not very likely attack scenario if you're connecting with wired DSL connection however. It has been known to happen when using open WLAN connections.

As you can see this is somewhat theoretical.

But disabling SSL/TLS certification verification makes it easier for someone to perform such an attack.

Title: Re: OWB - Can't Login to some pages. Error 60:
Post by: XDelusion on June 25, 2010, 11:00:00 AM

So the OS is safe then, that's all that matters, they can have my bank account. ;)

As they say, never put all your eggs in one basket.