security certificate errors

[Schuyler]

These last couple of days I've been getting the message: "To help protect your security, Intenet Explorere has blocked this website from displaying content with security certificate errors." I can click through to allow posting anyway and the pages appear to render properly. MOST of the page appears BEFORE I get this message. I can't see what part of the page is causing the error; it may be something further down the page, perhaps an ad.

I used both Firefox and Chrome and did not get the message. You might say, 'Well, why not use one of those other browsers?' My answer is that I'm not sure of the other ones test for this error. MSIE has the feature set I like, including RSS feeds, and it's much faster than Mozilla on my machine, so I'm not anxious to switch. Is anyone else getting this message?

 

[Siani]

Yep, I'm also getting it.

 

[Schuyler]

Yep, I'm also getting it.

Just discovered you can turn it off under Tools-> Internet options -> Advanced -> Security -> 'Check for publisher certificate revocation' Begs the question, though.

Eek. Cancel that. It's baaaaack!

 

[TClaeys]

I'm getting it too. Any help??

 

[AnnetteMarie]

me too, since yesterday.

 

[Gareth]

This seems like as good a place as any to ask about ads. Gene I recently disabled ad blocking on the Paracast pages so your ads get more views.

My question is, does this actually have any effect on ad data? Or is it pointless unless I actually click on one of the ads? Basically I know there is no way Im going to click on an ad, but I will happily leave ad blocker off on this site if it has some benefit for you guys. But if it doesnt matter unless I actually click an ad then Ill just re-enable ad blocker.

Tks.

 

[ddd999]

Re: security certificate errors
Same here (kinda annoying)...

 

[pupilstutor]

I'm getting it too. Any help??
<!-- / message --> <!-- controls -->

 

[DavidRavenMoon]

If you are on a secure page (shttp), and an image on that page is on an unsecured server (http), you will get errors like that.

It's a shame that M$ has to be so ham-fisted about it. I guess they are trying to disprove that Windows has a lot of security flaws.

I may be biased, but the best way to fix that whole situation is to get a Mac! All your internet problems will be gone (viruses etc.).



Just ask Gene and David.

 

[SteveO]

This doesn't necessarily indicate that there's an MS related error occurring. The Certificate Authority that contains the validating information for the site could well be offline or could also have revoked the certificate for any number of legit reasons. While I'm relatively sure I'm on the genuine Paracast site, if this was Paypal or Amazon, the certificate is helpful for giving assurance that you aren't entering your personal information into a spoofed site...so having your browser check is generally a good idea. CAs are irritating, but the internet in general is better off for them.

 

[DavidRavenMoon]

This doesn't necessarily indicate that there's an MS related error occurring.

Right, but my point was that there are more subtle ways to handle the error than to block the site.

I have a PayPal storefront, and I had to put my logo on my web host's secure server, otherwise you get that warning about entering an unsecure site.

As Schuyler said, Firefox and Chrome do not get the error, so it IS an MS issue.

 

[SteveO]

Actually it's not.

Embedded code, cross-site scripting, these are all a big problem if you work in the realm of security. I don't have a personal stake in the whole Microsoft/Mac debate, but IE is the most prevalent piece of software out there, so it's not surprising that it is also the most compromised. The fact that IE is looking at non-secured content on a secure page is a positive step, not an issue. Not trying to be contrary, but as I enter my tenth year in IT Security I find myself developing some pretty strong opinions on the way interwebs works.

 

[Gene Steinberg]

Actually it's not.

Embedded code, cross-site scripting, these are all a big problem if you work in the realm of security. I don't have a personal stake in the whole Microsoft/Mac debate, but IE is the most prevalent piece of software out there, so it's not surprising that it is also the most compromised. The fact that IE is looking at non-secured content on a secure page is a positive step, not an issue. Not trying to be contrary, but as I enter my tenth year in IT Security I find myself developing some pretty strong opinions on the way interwebs works.

It's not just popularity. Actually use of IE is dipping around the world at a steady pace. It's the fact that other browsers are just more secure and every one of them is measurably faster in every performance parameter. Even Apple's Safari when used on the Windows platform, where it actually shares a position with Google's Chrome (which uses the same WebKit rendering engine) as the speediest browsers on the planet.

Don't know what ET uses.

 

[DavidRavenMoon]

Actually it's not.

Embedded code, cross-site scripting, these are all a big problem if you work in the realm of security. I don't have a personal stake in the whole Microsoft/Mac debate, but IE is the most prevalent piece of software out there, so it's not surprising that it is also the most compromised. The fact that IE is looking at non-secured content on a secure page is a positive step, not an issue. Not trying to be contrary, but as I enter my tenth year in IT Security I find myself developing some pretty strong opinions on the way interwebs works.

If it is the most prevalent, it's because MS forces people to use it. It's certainly not the most popular. Remember the whole monopoly thing? They figured if they could also use it as a file browser, they would have an excuse as to why you can't remove it from the OS.

As far as being the most compromised... that's because it's easily compromised. It's more than happy to allow some Active X thing to take control of the computer. There was an incident some years back where someone hacked into the US Army's website. So they army switched the server to a Mac. Of course that was probably Mac OS 8, but still, Macs are more secure to this day.

Oh, and I have not gotten a single certificate error on these pages.

 

[Schuyler]

As Schuyler said, Firefox and Chrome do not get the error, so it IS an MS issue.

OK, but that may be because Firefox and Chrome simply do not test for it. It's not a 'bad thing' to test for certificate errors. This particular problem is not because of being on a secure page and having something called from a non-secure page. There's something else afoot.

I certainly agree about the ham-fistedness of it, though. There ought to be a way to turn off checking for sites you trust. MSIE allows you to do that on a lot of other issues, but they seem to have missed this one.

BTW (cross-fingers), it does not seem to be happening today.

 

[pixelsmith]

me too, since yesterday.

quit using ANYTHING microsoft and you will have few if any errors.

 

[TClaeys]

It's gone now for whatever reason.

 

[Fcseven]

I switched to firefox and never looked back.It's hard to believe some people are still using IE.

 

[AnnetteMarie]

didn't really like firefox. couldn't put my finger on exactly why, probably something to do with my home page? who knows. deleted it six or seven months after the install.

 

[Gene Steinberg]

didn't really like firefox. couldn't put my finger on exactly why, probably something to do with my home page? who knows. deleted it six or seven months after the install.

Try Apple's Safari for Windows. User friendly and faster than Firefox.