# I can't access the forum......



## Wirrallass (Jan 22, 2018)

........on my mobile phone. Each time I try to, the following message appears on screen:-

YOUR CONNECTION IS NOT PRIVATE.
ATTACKERS MIGHT BE TRYING TO STEAL YOUR INFORMATION FROM
FORUM.diabetes.org.uk
ie. PASSWORDS : MESSAGES OR CREDIT CARDS
NET : :ERR_CERT_AUTHORITY_INVALID.

Following which in a blue box it says BACK TO SAFETY. When I click on this, everything disappears from the screen

If my memory serves me right I think @grovesy had a similar problem last year and wonder how she got round this. The details of which are stored on my old phone which has given up the ghost so I'm unable to back track. I'm still able to access the forum on my Tablet.

Also is it possible to delete the diabetes.org.uk forum from my moby? If so how?

Thanks a bunch folks ~ I'd appreciate any help or advice.
WL


----------



## Naty (Jan 22, 2018)

It happened to me on Saturday and after I restarted it was all fine


----------



## Northerner (Jan 22, 2018)

I seem to remember the solution was to clear your browsing history and if you are using a shortcut, create a new one. Please don't ask me how, I don't do smartphones very well


----------



## grovesy (Jan 22, 2018)

I ended up using a differnt browser for a while as clearing cookies did not work. Though it was not on a mobile. I think it was my tablet.
Though I am back to my usal one.


----------



## Wirrallass (Jan 23, 2018)

Thanks for your replies folks ~ I apprec ~ but on reflection I'm almost sure now that the problem I have lies with Diabetes.org.uk web site ~ not trying to pass the buck but I have no idea how to sort this with DUK.

My computer skills are abysmal so @Naty will you explain to me please what you did to restart it!! Thanks
WL


----------



## Northerner (Jan 23, 2018)

I'll see if DUK can remind me what the problem was and how to solve it  What phone do you have, and is it only happening on that phone? When did it start happening?

p.s. there is no risk to your data, it's an erroneous message, so don't worry


----------



## mikeyB (Jan 23, 2018)

Normally when I access the forum there is a green padlock indicated security. Now there is a little ‘i’ in a circle. Clicking on that reveals a message saying the site is not secure, plus the guff about passwords etc. This means there is something systemic wrong, not just with wirralasses phone. Please fix it, or I’ll have to close the cafe.


----------



## mikeyB (Jan 23, 2018)

Logging out and logging in again briefly showed the green padlock, but switched to the security warning icon (but not the worst, which is red and ‘dangerous’. I’d be interested to know how you can say it’s an erroneous message with confidence. Chrome seem to think their opinion is reliable.


----------



## mikeyB (Jan 23, 2018)

And it only happens when you access a thread. The home page, for what it’s worth, appears to be secure.


----------



## mikeyB (Jan 23, 2018)

But not all threads....so who is carrying the hidden data that switches off security??? Spooky


----------



## Northerner (Jan 23, 2018)

I'll get them to investigate Mike


----------



## mikeyB (Jan 23, 2018)

It’s you Northie. Every thread you’ve posted on shows the security warning. Weird. Could you post something on the cafe to see if it changes the currently secure status? I can flog you some cake and a cup of tea while you think


----------



## Wirrallass (Jan 23, 2018)

Northerner said:


> I'll see if DUK can remind me what the problem was and how to solve it  What phone do you have, and is it only happening on that phone? When did it start happening?
> 
> p.s. there is no risk to your data, it's an erroneous message, so don't worry


Northie ~ its a Samsung J5 ~ it is synced with my Samsung GalaxyTablet but no problems with the Tablet. I've just googled NET::ERR  etc and there are loads of suggestions how to solve it but Mrs here can't even follow those instructions coz the print is too small And it also depends whether it's a Google : Chrome : Email error!!!


----------



## Wirrallass (Jan 23, 2018)

I think I'll contact 02 tomorrow, see if they can solve it ~ but in the meantime please carry on sending ways of solving the problem, thanks.


----------



## mikeyB (Jan 23, 2018)

I don’t think it’s your problem, WL. Both my phone and tablet (both Apple iOS ) flag up security warnings, but not at the highest level. I don’t think many people have noticed, to be honest.


----------



## mikeyB (Jan 23, 2018)

And studious research back into Northie posts shows this has been happening since early January. Every single thread shows insecure.


----------



## mikeyB (Jan 23, 2018)

This is interesting. On multi post threads it’s only the pages where there’s a Northie post that show the security warning. It doesn’t pollute the whole thread. 

I should get out more...


----------



## Northerner (Jan 23, 2018)

mikeyB said:


> This is interesting. On multi post threads it’s only the pages where there’s a Northie post that show the security warning. It doesn’t pollute the whole thread.
> 
> I should get out more...


That's interesting Mike. I have an 'i' also, and the explanation is given on this page:

https://support.google.com/chrome/a...93914-3076749555&p=ui_security_indicator&rd=1

I've asked DUK to investigate, so hopefully this will help them pin it down.

I have a padlock on all other sites, except the BBC news site.


----------



## mikeyB (Jan 23, 2018)

It is confined to your posts, Northie. If I browse back through the cafe pages, as soon as the green lock disappears, I’ll find one of your posts on the page. Your blogs show the same ‘i’ message, but I’m not sure of the significance of that. Do you use a computer, or tablet?


----------



## Northerner (Jan 23, 2018)

mikeyB said:


> It is confined to your posts, Northie. If I browse back through the cafe pages, as soon as the green lock disappears, I’ll find one of your posts on the page. Your blogs show the same ‘i’ message, but I’m not sure of the significance of that. Do you use a computer, or tablet?


I mostly use my laptop. I've tried running a scan but nothing came up. When I click on the 'i' it says:

 
Just checked on my phone and I get the padlock, not the 'i' so will stop using my laptop until I can get to the bottom of it


----------



## Vince_UK (Jan 23, 2018)

Couple of possibilites, have you checked your security setting on your laptop? are you using your home wifi-I guess so.
Sometimes te security setting on your laptop or your anti-virus may need changing to allow access.
Just a thought I use Apple iMac.MacBook and all my phones are Apple iOS but I have had similar issues on my other windows laptops.


----------



## Northerner (Jan 23, 2018)

Vince_UK said:


> Couple of possibilites, have you checked your security setting on your laptop? are you using your home wifi-I guess so.
> Sometimes te security setting on your laptop or your anti-virus may need changing to allow access.
> Just a thought I use Apple iMac.MacBook and all my phones are Apple iOS but I have had similar issues on my other windows laptops.


I'll check Vic, thanks for the clue!


----------



## Northerner (Jan 23, 2018)

Just testing something.

http://example.com


----------



## Vince_UK (Jan 23, 2018)




----------



## Vince_UK (Jan 23, 2018)




----------



## Vince_UK (Jan 23, 2018)

this is what I got @Northerner


----------



## Northerner (Jan 23, 2018)

OK, I have found something that refers to 'Mixed content', explained thus:

https://support.mozilla.org/en-US/k...-secure-affect-my-safety&utm_source=inproduct

When using Firefox I get the grey lock with orange triangle:







 : A grey lock with an orange triangle indicates that Firefox is not blocking insecure passive content. Attackers may be able to manipulate parts of the page, for example, by displaying misleading or inappropriate content, but they shouldn’t be able to steal your personal data from the site.

So it may be down to the fact that on the page where the 'i' appears it'sbecause there is some mixed content, probably an image. I've done some checks and it doesn't happen on every page I have posted on and haven't been able to check yet if other members' posts cause the 'i' to appear under certain circumstances.


----------



## Vince_UK (Jan 23, 2018)

So Firefox is the culprit. I am not sure if you can change the setting in Firefox, long time since I have used it. I do use it on my TV  but only recently started to do so.
I have Firefox on my Macbook. I will try and post on there


----------



## Vince_UK (Jan 23, 2018)

I am posting this using Firefox on my Macbook Northie


----------



## Northerner (Jan 23, 2018)

Vince_UK said:


> So Firefox is the culprit. I am not sure if you can change the setting in Firefox, long time since I have used it. I do use it on my TV  but only recently started to do so.
> I have Firefox on my Macbook. I will try and post on there


No Vince, it's not a problem with Firefox, it's the 'Mixed content' effect. I've just done an experiment where, if I add an image with an http:// location, the 'i' appears' - if I remove it then the 'i' goes and the green padlock returns. For example, if I add this emoticon 
	

	
	
		
		

		
		
	


	




 that will change the padlock to an 'i',


----------



## Vince_UK (Jan 23, 2018)

ah ok I see now Northie.
Very strange indeed.


----------



## Northerner (Jan 23, 2018)

But if I remove that emoticon, it goes back to the padlock. There's a long and rather technical article on mixed content blocking here:

https://blog.mozilla.org/tanvi/2013/04/10/mixed-content-blocking-enabled-in-firefox-23/

This section explains why they do not block all this mixed content:


*What will the Mixed Content Blocker block?*
The Mixed Content Blocker will block Mixed Active Content requests in Firefox 23.  This reduces the threat to the user, but does not eliminate it completely because Mixed Passive Content is still permitted.  Users can decide to block Mixed Passive Content as well by following a couple simple steps[2].

Why are we reducing the threat instead of eliminating the threat?  Unfortunately, the web is not ready for Firefox to block Mixed Passive Content.  Mixed Passive Content is still common on the web.  For example, many HTTPS webpages include HTTP images.  Too many pages would break if we blocked Mixed Passive Content (ex: https://youtube.com).  Hence, Firefox would alert users too often and contribute to security warning fatigue.

Moreover, blocking Mixed Passive Content could cause considerable user experience issues for users with low bandwidth connections.  To avoid generating a browser security warning, websites will begin removing Mixed Passive Content from their HTTPS sites by replacing HTTP images and videos with their HTTPS equivalent versions.  When low bandwidth users visit the HTTPS site, all image loads and video streams would be encrypted and there would be considerable lag in the page’s load time and the time it takes for videos to buffer.  With Mixed Active Content, bandwidth considerations are not as big of an issue since Mixed Active Content loads (ex: scripts, stylesheets) are usually a few KB, compared to Mixed Passive Content loads which often contain multiple MBs of data.

The risk involved with Mixed Content (active or passive) also depends on the type of website the user is visiting and how sensitive the data exposed to that site may be. The webpage may have public data visible to the world, or it may have private data that is only visible when authenticated. If an HTTP webpage is public and doesn’t have any sensitive data, the use of Mixed Content on that site still provides the attacker with the opportunity to redirect requests to other HTTP URLs and steal HTTP cookies from those sites.


----------



## Northerner (Jan 23, 2018)

What I can't fathom is why this seems to have just become an issue, and only for some people using some devices 

Have to leave it for now, my head is hurting!


----------



## Wirrallass (Jan 23, 2018)

Hey guys ~ You're not going to believe this but I have access to Diabetes.org.uk. and the forum again! Yeah yeah yeah!!! and I didn't do a single thing from this end to bring it about Thank you all for your input in attempting to solve a problem that was giving me a right royal headache too @Northerner! I think we've all learned something from the above discussions. Oh ~ by the way D.org.uk returned about 18.30hrs but I was entertaining guests at the time and couldn't post the good news until now. My thanks again to everyone for your time and trouble, its very much appreciated. 
***Hang on to this thread for future reference!
WL


----------



## Naty (Jan 23, 2018)

wirralass said:


> Thanks for your replies folks ~ I apprec ~ but on reflection I'm almost sure now that the problem I have lies with Diabetes.org.uk web site ~ not trying to pass the buck but I have no idea how to sort this with DUK.
> 
> My computer skills are abysmal so @Naty will you explain to me please what you did to restart it!! Thanks
> WL


 

Sorry for the late reply - I just restarted my phone and when I went back to the forum it was as normal


----------



## Lucy Honeychurch (Jan 23, 2018)

Same happened to me yesterday afternoon, but I just thought it was my tablet being a dick as I could get on using OH's phone. Got straight on first try today. I'm useless with tech


----------



## Wirrallass (Jan 24, 2018)

I've just been reading this thread and noticed on Page 1 the  lock and https:// is green.
But when I switch to Page 2 the lock  has disappeared and is replaced with an i  in a circle.
I clicked on the i and the following appeared on screen:-

https://*forum,diabetes.org.uk*/boards/threads/i-cant-access-the-forum.71273/page 2
ATTACKERS MIGHT BE able to see the images that you're looking at on this site & trick you by modifying them.
Details
https://forum.diabetes.org.uk
Usage
16KB stored data

So I clicked on the above and a message appeared in a blue box as follows:-
CLEAR and RESET

That's as far as I've got coz I don't know what I'm doing by clicking on the above and scared in case I exacerbate the situation!!

I'm just wondering what the heck does all that mean?!!!

Using my Tablet a couple of days ago I was using a site to copy a number of images ~ well rather a lot really ~ but when I tried to paste them on a thread a message appeared saying ERROR and can't do that. I wonder if this is what caused part of the problem I was having ~ and why and how it was related to my mobile phone? My brain is tired of it all and hope the said problem won't be repeated!


----------



## Vince_UK (Jan 24, 2018)

Has FIrefox update recently and maybe this is a bug?
I recall that the Firefox on my Amazon TV's updated itself 2 days ago.
THis happens quite frequently with iOS from Apple, ther eare always secondary updates after the release of either a new iOS or a significant update.


----------



## Northerner (Jan 24, 2018)

It's beginning to sound like a browser glitch in how it now treats the presence of the 'mixed content' on a page. I'll try and have a look at some similar sites today and see if it happens elsewhere.


----------



## Robin (Jan 24, 2018)

Northerner said:


> It's beginning to sound like a browser glitch in how it now treats the presence of the 'mixed content' on a page. I'll try and have a look at some similar sites today and see if it happens elsewhere.


Just to add my threeha'pence. I'm on Safari, on an iPad. I get the padlock on all the fourm lists, etc, but not on all the actual thread pages. For example, I get a padlock on page one of this thread, but not on this page! It doesn't seem to be you, particularly, Northie, I get the padlock on the first page of my happy birthday thread, for example, that you started, but not on the second. (And all the last five pages of the 7day waking thread have the padlock, so it's not just that the first page of anything is OK and not the rest)


----------



## Northerner (Jan 24, 2018)

Robin said:


> Just to add my threeha'pence. I'm on Safari, on an iPad. I get the padlock on all the fourm lists, etc, but not on all the actual thread pages. For example, I get a padlock on page one of this thread, but not on this page! It doesn't seem to be you, particularly, Northie, I get the padlock on the first page of my happy birthday thread, for example, that you started, but not on the second. (And all the last five pages of the 7day waking thread have the padlock, so it's not just that the first page of anything is OK and not the rest)


Yes, it's not just me, it's wherever there is an http reference in a post/on a page instead of an https - the browser flags this as potentially not secure. A good example is the 'What is stopping women from cycling' thread, where @Matt Cycle references a blog which is http. I suspect it just appears to be related to my posts because I've posted nearly 90,000 posts on a large variety of threads and thread pages.


----------



## Mark T (Jan 24, 2018)

Northerner said:


> Yes, it's not just me, it's wherever there is an http reference in a post/on a page instead of an https - the browser flags this as potentially not secure. A good example is the 'What is stopping women from cycling' thread, where @Matt Cycle references a blog which is http. I suspect it just appears to be related to my posts because I've posted nearly 90,000 posts on a large variety of threads and thread pages.


Yes, it's a newish feature in Firefox (although it was proposed years ago).

Basically, a page is only secure if it contains only https:// content.  If you have http:// it's not secure.  Firefox get very upitty if you mix content.  Ideally you want everyone to post only https links.


----------



## mikeyB (Jan 25, 2018)

Yes, I must apologise to Northie for misinterpreting his presence on so may insecure pages. Just in the wrong place at the wrong time. Or, perhaps, like Zelig

But one question I have, is all the page insecure if one link or picture links to a http source? If so, maybe there should be a general heads up about submissions or links because I’m sure 90% of members wouldn’t realise the significance.


----------



## Wirrallass (Jan 25, 2018)

I'm having the same problem again on my mobile phone that started this thread off! I've even tried to block DUK emails but they still keep a-coming!!


----------



## mikeyB (Jan 25, 2018)

Aye, I’ve unchecked every single alert on my preferences page, and still the odd one slips through. I’ve given up trying to figure this out, it’s beyond my skill set and hurts my brain.


----------



## Northerner (Jan 25, 2018)

mikeyB said:


> But one question I have, is all the page insecure if one link or picture links to a http source? If so, maybe there should be a general heads up about submissions or links because I’m sure 90% of members wouldn’t realise the significance.


I think that it seems it's all down to a change in emphasis from the browser suppliers - the risk is 'potential', but as such has existed for many years, it's just now that they are flagging it up. I've certainly noticed the number of sites that are https have been increasing, so the trend is towards replacing them. However,a potential risk doesn't necessarily mean a page is any more unsafe than it has been in the past few years. As long as you have good virus protection any unsafe link should be picked up, it's just that the browsers are now stepping into that role first. Bear in mind also that this site has hacking protection of a high order, so any malicious links would need to get through that before they could be interfered with. I certainly understand people wanting to stay safe online.


----------



## Northerner (Jan 26, 2018)

I've just noticed that blogger now has a 'redirect to https' setting so that anyone accessing an http link will be redirected to an https address, thus retaining full security. I've just changed my poetry, Diabotics and Couchsurfing with the Diabetes Fairy blogs to do this 

Seems it's definitely flavour of the month!


----------



## Mark T (Jan 26, 2018)

Of course one issue is if you insert images from you own website that are linked via a http link.  Some of the image hosting services do let you have https though.

My web host now offers free SSL certificates so you can sign content on your own website.


----------



## everydayupsanddowns (Jan 26, 2018)

I had an issue which was related to Avast antivirus and the DUK SSL certification. Can’t quire remember how I resolved it, I have half a memory it was to do with the Certificate Authority.


----------



## Naty (May 10, 2018)

BUMP
Me again...

I got a new phone and tablet last week.   Both showed the white exclamation mark in the red triangle and 'https' crossed out in red for all pages in the forum.  My phone has now (for want of a better expression) 'got used to it' and now marks the forum as safe.  My tablet, however, has not, and periodically will display the error message copied by the OP _every _time I go and look at a new thread.  I delete my browsing history and restart the tablet, but then the next day it will happen again, and even when I don't get the error message the forum address _always_ has the exclamation mark as detailed above.

I am now rather hacked off, as if that wasn't obvious!

I'm off to work in the near future, but does anyone have any suggestions a bit less frustrating than switching off and switching back on...?


----------



## grovesy (May 10, 2018)

When I had problems last year I ended up downloading a different browser.


----------



## Heath o (May 10, 2018)

It says that to me sometimes when Internet gone off and hub is restarting, so think it might be your connection,x


----------



## Naty (May 10, 2018)

Heath o said:


> It says that to me sometimes when Internet gone off and hub is restarting, so think it might be your connection,x



Usually when I have a dodgy connection I get logged out - for all these instances I've been virtually sat on top of our Home Hub...


----------



## Heath o (May 10, 2018)

It's like that at our house everybody round hub we always have bad connection,x


----------

