Stories
Slash Boxes
Comments

SoylentNews is people

posted by NCommander on Tuesday April 01 2014, @08:00PM   Printer-friendly [Skip to comment(s)]
from the that-was-a-bitch-to-get-working dept.
After a significant amount of wrestling with Slash, we've got SSL working properly. Slash normally tried to prevent people from using SSL unless they were an admin or subscriber. This, combined with some absolutely horrendous buggy code, and compounded by the fact we don't use mod_ssl, was not ideal. I'm pleased to announce that we've managed to exorcise the last of the demons in this code, so right now, you can go up to your URL bar, and fiddle it over to https://soylentnews.org, and it will work!

Right now, we're running with a proper SSL certificate, but secondary services are running with a wild-card CACert certificate, we'll migrate those to a conventional certificate authority once we've done the possible site rename to prevent us from having to buy multiple SSL certificates. I've had to gut the back-end pretty heavily to make this work, so please try it out, and let us know what you find. Once we're fairly certain we've exterminated all the bugs, we'll be taking a serious look at the possibility of going SSL by default.

Until then, enjoy your now-encrypted BaconNews!
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1) by BsAtHome on Tuesday April 01 2014, @08:04PM

    by BsAtHome (889) on Tuesday April 01 2014, @08:04PM (#24440)

    This is really great news! Thanks for implementing transport layer security. At least now the eavesdroppers will have a harder time tracking the flow(*).

    * Unless your code is too buggy, but I believe you all try your best ;-)

  • (Score: 4, Informative) by Angry Jesus on Tuesday April 01 2014, @08:09PM

    by Angry Jesus (182) on Tuesday April 01 2014, @08:09PM (#24444)

    Most websites that do SSL, do it poorly with low grade ciphers.

    My firefox says you guys are using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 with Perfect Forward Secrecy which is top notch all around. Congratulations.

  • (Score: 0) by Zinho on Tuesday April 01 2014, @08:17PM

    by Zinho (759) on Tuesday April 01 2014, @08:17PM (#24446)

    Kudos, it seems to work for me as advertized! Keep up the good work.

    --
    "Space Exploration is not endless circles in low earth orbit." -Buzz Aldrin
    • (Score: 2) by edIII on Tuesday April 01 2014, @10:34PM

      by edIII (791) on Tuesday April 01 2014, @10:34PM (#24509)

      Same here. I also use the HTTPS Everywhere extension so it was automatic for me the moment it was supported.

      I'll let you guy knows if I have any problems.

      --
      Technically, lunchtime is at any moment. It's just a wave function.
      • (Score: 1) by Yog-Yogguth on Wednesday April 02 2014, @02:11AM

        by Yog-Yogguth (1862) Subscriber Badge on Wednesday April 02 2014, @02:11AM (#24568) Journal

        Strange so do I but it's not automagic here. Not when visiting the main page whether by link or typing it in and not when using RSS links.

        Using HTTPS Everywhere 3.4.5

        Don't worry about this on my behalf; I want to applaud the effort even if I consider SSL & HTTPS broken (with or without a CA). I use it but don't assume to gain much if anything from it, more importantly suppoprting SSL/HTTPS and TOR and anything else like it increases the chances of the site be able to support other future possibilities that might not be broken (perfection being the enemy of everything and all that).

        --
        Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))
  • (Score: 1, Funny) by black6host on Tuesday April 01 2014, @08:20PM

    by black6host (3827) on Tuesday April 01 2014, @08:20PM (#24448) Journal

    I know I'm new, and don't spend too much time here, though I do check in daily,but what's up with the name change? I think I missed something obvious to most....

    • (Score: 3, Insightful) by paulej72 on Tuesday April 01 2014, @08:21PM

      by paulej72 (58) on Tuesday April 01 2014, @08:21PM (#24450) Journal

      Check today's date.

      --
      Team Leader for SN Development
      • (Score: 1) by black6host on Tuesday April 01 2014, @09:56PM

        by black6host (3827) on Tuesday April 01 2014, @09:56PM (#24485) Journal

        Yes, I had considered that. Thought I might have missed a memo :)

        • (Score: 1) by zigbigadoorlue on Wednesday April 02 2014, @05:39AM

          by zigbigadoorlue (1092) on Wednesday April 02 2014, @05:39AM (#24630)

          There has also been an ongoing discussion about Soylent News being the final name for the site. I believe that it is currently still the plan to have a vote on whether to keep SN or change it to one of a current list of popular alternatives (I suspect this list is on the wiki. Not sure where).

          I really like the name soylentnews.org though am confused as to why no one is concerned that MGM is going to sue us over it. Is it protected under parody?

  • (Score: 4, Informative) by Marand on Tuesday April 01 2014, @08:34PM

    by Marand (1081) on Tuesday April 01 2014, @08:34PM (#24455) Journal

    Glad to see the site working with SSL, it's appreciated, but there is still at least one problem with the implementation:

    URLs followed from the RSS feed still go to http: instead of https [soylentnews.org]:, even when the feed itself is https (from https://soylentnews.org/index.rss [soylentnews.org])

  • (Score: 2) by pe1rxq on Tuesday April 01 2014, @08:55PM

    by pe1rxq (844) on Tuesday April 01 2014, @08:55PM (#24464) Homepage

    Great job.
    Now get back to working on IPv6 support!

  • (Score: 1) by clone141166 on Tuesday April 01 2014, @09:55PM

    by clone141166 (59) on Tuesday April 01 2014, @09:55PM (#24484)

    Nice work! Thanks! Encrypted bacon is the best kind of bacon.

  • (Score: 1) by velex on Tuesday April 01 2014, @10:37PM

    by velex (2068) on Tuesday April 01 2014, @10:37PM (#24511) Journal

    Looks good from here. Also liking the new buttons. Kudos and hope the IPID thing for IPv6 suppport doesn't turn into too much of a bugbear.

  • (Score: 1) by boltronics on Wednesday April 02 2014, @02:08AM

    by boltronics (580) on Wednesday April 02 2014, @02:08AM (#24565) Homepage

    Nice work, people.

    --
    It's GNU/Linux dammit!
  • (Score: 1) by xtronics on Wednesday April 02 2014, @02:15AM

    by xtronics (1884) on Wednesday April 02 2014, @02:15AM (#24571) Homepage

    I always wonder if encryption calls attention you may not want - but at this point even google is doing it..

    Also - for some strange reason there is no page in wikipedia about soylentnews and no mention of it's birth at Wikipedia's entry about some beta site.

  • (Score: 1) by johnlenin1 on Wednesday April 02 2014, @02:38AM

    by johnlenin1 (707) on Wednesday April 02 2014, @02:38AM (#24577)

    What a great April first on SN. A few jokes, but lots of great stories. Plus all the technical goodies for the site, and now SSL. Way to go, and thanks!

  • (Score: 0) by Anonymous Coward on Friday April 04 2014, @09:19AM

    by Anonymous Coward on Friday April 04 2014, @09:19AM (#26105)

    Pretty cool!

    Has this been submitted for inclusion at with HTTPS Everywhere?

    https://www.eff.org/https-everywhere/rulesets [eff.org]