It's definitely dangerous to a) run a hosted version of Bridge without proper SSL and b) run a hosted version of Bridge without being extremely careful.
-
-
We encourage people to experiment with Urbit, and don't mind the use of our style guide. But this looks close to impersonation. Be careful.
1 reply 0 retweets 0 likes -
bridge is free. free as in speech no security is bad do not trust
@UrbitBase secure points with hardware1 reply 0 retweets 0 likes -
i looked into
@urbitbase.. I checked the ssl, looks legit.. perhaps they can give us answer1 reply 0 retweets 0 likes -
they have updated: https://bridge.urbitbase.org earlier today there was no tls even so, be careful using a hosted bridge. i do not endorse, but would only consider using with hardware there is demand for a hosted bridge how do we keep trust?
4 replies 0 retweets 1 like -
https://www.ssllabs.com/ssltest/analyze.html?d=bridge.urbitbase.org … We take security seriously. Feel free to reach out if you want to discuss.
1 reply 0 retweets 0 likes -
congrats on tls you still encourage users to enter private keys in the browser there is no warning; it is a bad practice
1 reply 0 retweets 0 likes -
We are securely hosting Tlon code for bridge (not making any changes). Maybe they should add warning in V 1.2 and we will gladly update and host.
2 replies 0 retweets 1 like -
Hosting involves a whole host of risks around DNS hijacking and host security.
2 replies 0 retweets 3 likes
The user can't easily know whether the code that's running is secure.
-
-
Replying to @urbit @UrbitBase and
We simply cannot endorse hosting Bridge in its current form, which is why we don't do it ourselves.
1 reply 0 retweets 3 likes -
If these things are ever gonna circulate to a mass audience. Not everyone is tech savoy enough to host a bridge.. but I guess in time things will gradually change.
2 replies 0 retweets 0 likes - 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.