You are viewing a single comment's thread from:
RE: United Arab Emirates vs Andorra (Predict & Win)
I like the service but it should be secured through an https connection. Without encryption emails, passwords, and active keys can be intercepted through local networks - for example if I joined a public library or coffee shop wireless network.
I received an error with tab spacing between the name and number so I used an online service to convert them.
Thanks for feedback!
I fixed tab spacing bug.
It is free service but for ssl have to pay . Maybe I add ssl in the future.
If your password is different to different services it is nothing problem if someone steal it. We don't save any valuable information like private keys.
For more security you can create another steemit-account via AnonSteem only for payments.
I think it is bad habit to connect to public wireless network when you send money.
It saves valuable time so I may create another account for service. Users should be warned of vulnerability if they use a shared internet connection. Some website hosts will allow free encryption through plugins such as letsencrypt.org or if you have a paid service like GoDaddy then Cloudflare has a free SSL plugin. Another option to consider if the service is used enough to fund-raise or charge a small fee like 0.001 per 1 STEEM sent or 20 total transactions which could also reduce potential for spamming.
I listened to your wishes and now steemsender is available through https
I am able to login through https but when I try to send STEEM it gets stuck on the "Please wait a few seconds..." screen. Thanks for your efforts to facilitate this I am happy to send a small amount of STEEM for each use of service.
Do you use Mozilla? Try to send by via Chrome or Opera. I don't know why it doesn't work via Mozilla...
I used Chrome and notice a warning to load unsafe scripts. I tried to load unsafe scripts but unable to send.
To resolve I think copying all website files to local https server and change all references in webpage code from http to https. For example jquery.validate.js is referenced through http instead of https. Here is related issue: https://stackoverflow.com/questions/3562358/can-i-use-jquery-form-js-in-an-https-page
You are really expert in security things! I couldn't realize about this unsafe scripts. Thanks for solution!
So I fixed it. Try to send again.
It works for me with Chrome and Brave browsers now, I haven't tested Firefox or others.
Also if you need create new account for payments then send 4 STEEM to @barbadossobot with memo "your_new_account". Password will be sent to your email (as I see you registerred on steemsender already) or steemit account with encrypted memo.
It will be cost 4 against 5 STEEM from AnonSteem and 3 STEEM will be on your new account.
Also you can encrypt your memo "# your_new_account"