C4L Lacks Secure Connection During Credit Card Processing

Tenbatsu
10-01-2008, 09:27 AM
It seems C4L does not have an SSL certificate that allows for a secure connection via https. This needs to be fixed immediately if our credit card numbers are to be secure.

If this has already been posted, I'm sorry.

jake
10-01-2008, 09:28 AM
ouch, MAJOR oversight.

BUMP.

Kade
10-01-2008, 09:29 AM
Too late... Anonymous posted this last night.

Guaranteed it's been hacked.

Lovecraftian4Paul
10-01-2008, 09:32 AM
Too late... Anonymous posted this last night.

Guaranteed it's been hacked.

Not cool. If Anon hasn't gotten to it yet, they will soon. This needs to be fixed ASAP!

Tenbatsu
10-01-2008, 09:32 AM
Can someone who has full membership post on the C4L blog and let everyone know about this?

constituent
10-01-2008, 09:35 AM
Can someone who has full membership post on the C4L blog and let everyone know about this?

meh, go straight to the paul.

Mahkato
10-01-2008, 09:36 AM
Whoa. Crap.

afmatt
10-01-2008, 09:39 AM
Per C4L staff it's being resolved as we speak.

yongrel
10-01-2008, 09:40 AM
Too late... Anonymous posted this last night.

Guaranteed it's been hacked.

Anon got there already? Fuck.

CFL FTL

Danke
10-01-2008, 09:41 AM
They are working on it.

Mahkato
10-01-2008, 10:12 AM
So does this mean my number and other personal data has been likely stolen?

Ack
10-01-2008, 10:17 AM
So does this mean my number and other personal data has been likely stolen?

If you sent your credit card info through the site then it's possible, but not necessarily likely. I'd just keep a close eye on your account activity for fraudulent charges.

yongrel
10-01-2008, 10:18 AM
So does this mean my number and other personal data has been likely stolen?

It's a distinct possibility. Keep an eye on your accounts for now.

JosephTheLibertarian
10-01-2008, 10:19 AM
It seems C4L does not have an SSL certificate that allows for a secure connection via https. This needs to be fixed immediately if our credit card numbers are to be secure.

If this has already been posted, I'm sorry.

I wish I was working at c4l right now. I'd be on irc with goodies fo sho

Ninja Homer
10-01-2008, 10:24 AM
So does this mean my number and other personal data has been likely stolen?

Most likely not. It means that the data was sent from your computer to the C4L server without being encrypted. There still needs to be someone between your computer and the C4L server to intercept it. Since it just went live, chances of that happening are pretty low, but there's still a chance so do keep an eye on it.

Debbie Hopper
10-01-2008, 10:30 AM
It's fixed.

Mahkato
10-01-2008, 10:32 AM
It's fixed.

Debbie, could we get links to the old blog to redirect to the new addresses? For example, http://www.campaignforliberty.com/blog/?p=647 is currently 404'd.

We'll lose a lot of inbound traffic for a while if this is not fixed.

Matt Collins
10-01-2008, 10:40 AM
I just tried it again and got the following error:
Secure Connection Failed

70.32.73.101 uses an invalid security certificate.

The certificate is not trusted because it is self signed.
The certificate is only valid for campaignforliberty.com

(Error code: sec_error_untrusted_issuer)

* This could be a problem with the server's configuration, or it could be someone trying to impersonate the server.

* If you have connected to this server successfully in the past, the error may be temporary, and you can try again later.

Liberty Rebellion
10-01-2008, 10:41 AM
I just punched "www.campaignforliberty.com" in my browser and then http://70.32.73.101/#. shows up in the address bar

afmatt
10-01-2008, 10:42 AM
Secure Connection Failed
70.32.73.101 uses an invalid security certificate.

The certificate is not trusted because it is self signed.
The certificate is only valid for campaignforliberty.com

(Error code: sec_error_untrusted_issuer)

* This could be a problem with the server's configuration, or it could be someone trying to impersonate the server.

* If you have connected to this server successfully in the past, the error may be temporary, and you can try again later.


Just a heads up - the only reason the certificate seems to be throwing an error is because it is for the CAMPAIGNFORLIBERTY.com site - not the IP address that we are accessing the site through for now.

tekkierich
10-01-2008, 10:44 AM
Self signed certificates do no good in this case.


I suggest you get an EV SSL cert from http://www.networksolutions.com/SSL-certificates/ev-certificate.jsp
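
An added example (not part of the thread and not the site's own code): the two conditions named in the browser error quoted above, checked over a constructed certificate dictionary in the shape Python's `ssl.SSLSocket.getpeercert()` returns. The function names and the sample certificate are assumptions made for illustration.

```python
import ipaddress

# Constructed sample in the shape ssl.SSLSocket.getpeercert() returns;
# the names mirror the browser error quoted in the thread.
SAMPLE_CERT = {
    "subject": ((("commonName", "campaignforliberty.com"),),),
    "issuer": ((("commonName", "campaignforliberty.com"),),),
    "subjectAltName": (("DNS", "campaignforliberty.com"),),
}

def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def _dns_match(pattern, host):
    """Exact match, or a single left-most '*' label wildcard."""
    p, h = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if p.startswith("*."):
        return "." in h and h.split(".", 1)[1] == p[2:]
    return p == h

def name_matches(cert, host):
    sans = cert.get("subjectAltName", ())
    if _is_ip(host):
        # An IP literal only matches an "IP Address" SAN, never a DNS name.
        want = ipaddress.ip_address(host)
        return any(k == "IP Address" and ipaddress.ip_address(v) == want
                   for k, v in sans)
    dns = [v for k, v in sans if k == "DNS"]
    if not dns:  # legacy fallback to the subject commonName
        dns = [v for rdn in cert.get("subject", ())
               for k, v in rdn if k == "commonName"]
    return any(_dns_match(p, host) for p in dns)

def diagnose(cert, host):
    """Return the set of problems a client would report for this cert and host."""
    problems = set()
    # Heuristic: issuer equal to subject means self-issued. A real client
    # instead verifies the chain up to a root in its trust store.
    if cert.get("issuer") == cert.get("subject"):
        problems.add("self-signed")
    if not name_matches(cert, host):
        problems.add("name-mismatch")
    return problems
```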

Debbie Hopper
10-01-2008, 10:47 AM
Jonathan, I sent your concerns to Adam to fix.

Matt, I spoke with Adam and as I understand it, the security issue has been fixed. Excuse my ignorance, but he said something about the security certificate coming from the new hosting company we switched to.

Please feel free to use the "Help" link on the main menu bar to let Adam know of any problems or concerns that you have with the new site.

Matt Collins
10-01-2008, 11:33 AM
Matt, I spoke with Adam and as I understand it, the security issue has been fixed. Excuse my ignorance, but he said something about the security certificate coming from the new hosting company we switched to.

I understand. This stuff gets a bit complicated especially when dealing with multiple vendors across the Net.

MRoCkEd
10-01-2008, 11:37 AM
Uh oh

MRoCkEd
10-01-2008, 11:38 AM
after you're done with that, get terra eclipse to design it or something.
this site is UGGGGLY
the beta one was even better

Kade
10-01-2008, 11:41 AM
I have independently confirmed that CFL was hacked yesterday.

It appears to have been a week of DOS type attacks, followed with a full breach sometime this morning.

I don't know what information was taken, if any. Anonymous is genuinely favorable towards Ron Paul, so this might have only been an attempt to promote a more secure site. Most of Anon is relatively liberty minded, ironically, chances are high there was no theft of people's information.

Soccrmastr
10-01-2008, 11:56 AM
I have independently confirmed that CFL was hacked yesterday.

It appears to have been a week of DOS type attacks, followed with a full breach sometime this morning.

I don't know what information was taken, if any. Anonymous is genuinely favorable towards Ron Paul, so this might have only been an attempt to promote a more secure site. Most of Anon is relatively liberty minded, ironically, chances are high there was no theft of people's information.

If Anon had the chance to destroy their own home 4chan they would. Don't be fooled. They have allegiance to no one but themselves.

Call Me V
10-01-2008, 12:08 PM
Anonymous gets a bad rap.

Most are actually libertarians and very well spoken and opinionated.

Kade
10-01-2008, 12:11 PM
Anonymous gets a bad rap.

Most are actually libertarians and very well spoken and opinionated.

Agreed.

Mahkato
10-01-2008, 02:26 PM
I have independently confirmed that CFL was hacked yesterday.

It appears to have been a week of DOS type attacks, followed with a full breach sometime this morning.

I don't know what information was taken, if any. Anonymous is genuinely favorable towards Ron Paul, so this might have only been an attempt to promote a more secure site. Most of Anon is relatively liberty minded, ironically, chances are high there was no theft of people's information.

So how do you independently confirm this?