Octopus Overlords

$iljanus wrote:

FishPants wrote:

$iljanus wrote:

$iljanus wrote:Tapatalk was busted for me around 2:30ish EST but is fine now. Perhaps relogging in will fix it?

Uggh we have ads now though. Didn't have any before. My ad suggests ways to see if your spouse is cheating. Pretty tacky crap.

Logged in, tapatalk now wants ME to pay $60 to not enable ads. Fuck them. This app is borderline malware, but I'm not paying them a red cent.

Sorry guys, looks like now you get ads.

No need to apologize. I wonder if there's another app that's similar? Tapatalk is easier to read and use on my phone but the ads are really intrusive to me. I could pony up some cash to buy the ad free user version I guess or get used to it until I click on an ad by mistake.

So I'm in with my app and I don't see ads. Where do you see them?


Sent from my iPhone using Tapatalk

FishPants wrote:

Jolor wrote:

FishPants wrote:

Jolor wrote:Firefox 53.0 does not allow:
uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. Error code: SEC_ERROR_UNKNOWN_ISSUER

In via Chrome OK.

Can you view the cert in Firefox? Sounds like I need to install intermediary certs.

Yes. Anything you want me to look for, specifically?

Does it show it being a rapidssl cert? And you are using the oo URL?


Sent from my iPhone using Tapatalk

RapidSSL SHA256 CA

Entered octopusoverlords into the address bar and was rewarded with https://www.octopusoverlords.com//

Is anyone else coming in OK with Firefox?

FishPants wrote:

$iljanus wrote:

FishPants wrote:

$iljanus wrote:

$iljanus wrote:Tapatalk was busted for me around 2:30ish EST but is fine now. Perhaps relogging in will fix it?

Uggh we have ads now though. Didn't have any before. My ad suggests ways to see if your spouse is cheating. Pretty tacky crap.

Logged in, tapatalk now wants ME to pay $60 to not enable ads. Fuck them. This app is borderline malware, but I'm not paying them a red cent.

Sorry guys, looks like now you get ads.

No need to apologize. I wonder if there's another app that's similar? Tapatalk is easier to read and use on my phone but the ads are really intrusive to me. I could pony up some cash to buy the ad free user version I guess or get used to it until I click on an ad by mistake.

So I'm in with my app and I don't see ads. Where do you see them?


Sent from my iPhone using Tapatalk

Android app. See them in the timeline feed below the first post. Also on the top of the page in a thread.

Jolor wrote:Is anyone else coming in OK with Firefox?

So I installed firefox on my Mac, and I got the same error.. I now installed the intermediary CA certs and it seems to have fixed it my side. Confirm?

FishPants wrote:

Jolor wrote:Is anyone else coming in OK with Firefox?

So I installed firefox on my Mac, and I got the same error.. I now installed the intermediary CA certs and it seems to have fixed it my side. Confirm?

Still seeing the same issue.

Jolor wrote:

FishPants wrote:

Jolor wrote:Is anyone else coming in OK with Firefox?

So I installed firefox on my Mac, and I got the same error.. I now installed the intermediary CA certs and it seems to have fixed it my side. Confirm?

Still seeing the same issue.

I'm stumped.. literally had the exact same problem, repeatable.. Installed CA certs and bam, fixed on my mac.

Not sure what else it could be? Or rather what else I could do.

Anyone else still using firefox that can assist in testing?

Only difference is I'm Win10. Let's see what tomorrow brings. Awesome support ... Thanks!

Fwiw, my android tablet login trusts the site now. Everything looks like its working great.


And +1 to the thanks for awesome support!

Sad about the ads. I understand but it's a bummer. Stupid tapatalk

Chrisoc13 wrote:Sad about the ads. I understand but it's a bummer. Stupid tapatalk

Is everyone getting ads? I'm not so not sure if ads are an android vs iOS thing. If everyone is getting it I will consider paying these people.


Sent from my iPhone using Tapatalk

FishPants wrote:

Chrisoc13 wrote:Sad about the ads. I understand but it's a bummer. Stupid tapatalk

Is everyone getting ads? I'm not so not sure if ads are an android vs iOS thing. If everyone is getting it I will consider paying these people.


Sent from my iPhone using Tapatalk

iOS here.

I'm willing to chip in.

My latest ad claims to be able to clean my infected phone from "pone malware" If you were to buy an upgrade I'd chip in but I also don't like giving them cash. They could have better ads at least.

So FP...there's a fee that the host could pay to disable the TT ads? I'd be willing to kick in some money to get them disabled again. You said $60? Or was that just you personally would have to pay for your client?

I don't have ads, but once they went to ad-supported, they stated that if you had paid for the app, they would put you in as ad-free. I dug up my iTunes receipt from all those years ago, sent it in, and they put me on the whitelist.

Isgrimnur wrote:I don't have ads, but once they went to ad-supported, they stated that if you had paid for the app, they would put you in as ad-free. I dug up my iTunes receipt from all those years ago, sent it in, and they put me on the whitelist.

Huh. Pretty sure I paid for the app. Are your iTunes receipts online somewhere or are you an obsessive receipt hoarder?

Your entire history is available online. It took me a while to find, as the pages were short. Might be easier to search email archives.

Guess that's why, I paid for the app back in the day (and why I'm pissed off they are inserting ads to ppl now). Didn't realize it went ad free.

Yeah 60 bucks for a year of ad free foruming in the owner dashboard. I also need to upgrade the plugin again.

Had some issues with my Nexus 5, but after updating chrome and rebooting the phone, all is well.

I'm now getting a "only secure content is displayed" message on IE and Chrome on every page when I browse the site. When I try to access the forum via chrome on my android phone, it says the site is insecure and refuses to display it. So, something is wrong somewhere.

ColdSteel wrote:I'm now getting a "only secure content is displayed" message on IE and Chrome on every page when I browse the site. When I try to access the forum via chrome on my android phone, it says the site is insecure and refuses to display it. So, something is wrong somewhere.

It's you, or your chrome, actually. OO cert is untrusted because Chrome doesn't recognize it. Either the issuer or the date or some other thing. A newer version of browser should fix this, as the new version will trust the cert issuer.

I haven't looked, but it's possible that the company Fishpants got the cert from is new and older browsers just don't recognize it as trusted. It's also possible it's something else. I didn't investigate specifics.

In any case, OO is working correctly, which just leaves things on your end, ColdSteel.

If you update your browser(s) and still see problems let us know and we can look deeper.

FishPants wrote:Guess that's why, I paid for the app back in the day (and why I'm pissed off they are inserting ads to ppl now). Didn't realize it went ad free.

Yeah 60 bucks for a year of ad free foruming in the owner dashboard. I also need to upgrade the plugin again.

Ugh, figures it's subscription based instead of a one time fee. I don't know if I want to kick that much money to them. Might just buy the damn app. On the other hand without the ads I would never have known there was a more comfortable alternative to the old-fashioned underwire bra so there is that.

GreenGoo wrote:If you update your browser(s) and still see problems let us know and we can look deeper.

It's actually not happening with my PC version of Chrome, that works fine. Right now it's IE 11 and Android Chrome that are the problem. I have IE 11 set to automatically update (I just checked) so it's the latest version. So, there's not anything there that's out of date and I don't know what else I can do. As for my Android Chrome, the phone is new and I just updated the OS last week but maybe there's a newer version of the Chrome app. I'll check. This wasn't happening on Thursday last week so whatever changed, it's very recent.

$iljanus wrote: On the other hand without the ads I would never have known there was a more comfortable alternative to the old-fashioned underwire bra so there is that.

Moobs need proper care, too.

ColdSteel wrote:

GreenGoo wrote:If you update your browser(s) and still see problems let us know and we can look deeper.

It's actually not happening with my PC version of Chrome, that works fine. Right now it's IE 11 and Android Chrome that are the problem. I have IE 11 set to automatically update (I just checked) so it's the latest version. So, there's not anything there that's out of date and I don't know what else I can do. As for my Android Chrome, the phone is new and I just updated the OS last week but maybe there's a newer version of the Chrome app. I'll check. This wasn't happening on Thursday last week so whatever changed, it's very recent.

Just tried ie11 from my work computer, no issues here. For some reason it sounds like the issues are on your side, but to have it affect your browser and your phone is odd...



Sent from my iPhone using Tapatalk

According to the Microsoft page on this message, it's caused by having page elements with mixed HTTPS/SSL and HTTP. I don't think that would be due to my browser. This is the only site where I get the message and it only started doing it a few days ago. There's a way to turn off the message in the browser security settings though so I can do that at least.

Symptoms
When viewing a website in Internet Explorer 9 or later, you receive a message that says "Only secure content is displayed."

Cause
This message is telling you that there may be both secure and non-secure content on the page. Secure and non-secure content, or mixed content, means that a webpage is trying to display elements using both secure (HTTPS/SSL) and non-secure (HTTP) web server connections. This often happens with online stores or financial sites that display images, banners, or scripts that are coming from a server that is not secured. The risk of displaying mixed content is that a non-secure webpage or script might be able to access information from the secure content.

My browser address bar (Chrome) has a little shield icon with a red x on the right side. It says that I am trying to load unauthenticated scripts.

I checked the Developer Tools > Console, and it has a bunch similar to:

search.php:1 Mixed Content: The page at 'https://www.octopusoverlords.com/forum/ ... nreadposts' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/jq ... ery.min.js'. This request has been blocked; the content must be served over HTTPS.

Not sure if that helps.

Not sure why we would be calling google java scripts but if we are.

The Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.

Google works directly with the key stakeholders for each library effort and accepts the latest versions as they are released.

Libraries

To load a hosted library, copy and paste the HTML snippet for that library (shown below) in your web page. For instance, to load jQuery, embed the <script src="https://ajax.googleapis.com/ajax/libs/j ... "></script> snippet in your web page.

We recommend that you load libraries from the CDN via HTTPS, even if your own website only uses HTTP. Nowadays, performance is fast, and caching works just the same. The CDN's files are served with CORS and Timing-Allow headers and allowed to be cached for 1 year.

https://developers.google.com/speed/libraries/

ColdSteel wrote:

GreenGoo wrote:If you update your browser(s) and still see problems let us know and we can look deeper.

It's actually not happening with my PC version of Chrome

Yeah, my point wasn't so much that Chrome is the problem, rather it might be the specific version of Chrome which didn't have the appropriate trusts in place. New phones tend to have older versions of apps/OS and can be updated immediately, but you said you did that.

If Fishpants says IE11 is working for him...that makes it tougher to diagnose imo.

Not sure where to go from here. I assume there is a way to check a browser's trusted cert issuers, although I'm not particularly familiar with how to do that. Probably not hard though. If you can provide us with the list or just look at it yourself and see if the Issuer Fishpants used is on the list. If it's not, the question becomes why not. If it is...who knows.

Rip wrote:Not sure why we would be calling google java scripts but if we are.

The Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.

Google works directly with the key stakeholders for each library effort and accepts the latest versions as they are released.

Libraries

To load a hosted library, copy and paste the HTML snippet for that library (shown below) in your web page. For instance, to load jQuery, embed the <script src="https://ajax.googleapis.com/ajax/libs/j ... "></script> snippet in your web page.

We recommend that you load libraries from the CDN via HTTPS, even if your own website only uses HTTP. Nowadays, performance is fast, and caching works just the same. The CDN's files are served with CORS and Timing-Allow headers and allowed to be cached for 1 year.

https://developers.google.com/speed/libraries/

That's...odd. Why would Coldsteel's/TheMix's browser be loading via http while the rest of us, presumably, are loading over https?

edit: and I just looked and my old version of firefox is blocking the unsecure content but wasn't telling me about it. When I asked, it said "yep". So that explains why I'm not getting the alerts. Firefox didn't want to bother me, apparently.

edit2: Surprising absolutely no one, it's the same content TheMix pointed out.

edit3: Mobile version of chrome is reporting no errors and tells me the site is completely encrypted and "safe". The plot thickens.

edit4: Despite edit3, looking at the page source on mobile Chrome reveals that the calls are exactly the same as the desktop calls. i.e. unsecured http. Why Chrome is not reporting this as unencrypted is the question, and a pretty serious one imo. It's possible that Chrome, being a google product, trusts google sites implicitly, but without an identifying cert, how the the browser can be sure it is *really* talking to google is a question. Imo Chrome is not doing that, so wtf is it doing that it doesn't bother to tell me some content on the page is in the clear?

After conversation with senior admin who is not known for making shit up just to provide an answer suggests that different developers (across multiple versions of multiple browsers) decide arbitrarily what initiates a user alert and what does not.

At a guess, I'd investigate IE11's "privacy" settings on Fishpant's browser and Coldsteel's browser. I suspect this is what's causing the discrepancy. If one is "more secure" than the other, that might explain the more stringent page security requirements.

I don't have IE in front of me, but I vaguely remember that IE has a slide bar from most secure to least secure, plus colour coding.

edit: it's also possible to add a site to a whitelist. I suspect that is enough to stop the browser from complaining about certs and/or unencrypted content on OO only, leaving the rest of your surfing as secure/unsecure as it was previously.

Have you tried reinstalling Windows?


Sorry I couldn't resist.

Rip wrote:Have you tried reinstalling Windows?


Sorry I couldn't resist.

You skipped the "have you tried turning it off and on again?" step.

GreenGoo wrote:At a guess, I'd investigate IE11's "privacy" settings on Fishpant's browser and Coldsteel's browser. I suspect this is what's causing the discrepancy. If one is "more secure" than the other, that might explain the more stringent page security requirements.

Mine is set to medium-high with a few custom setting to disable some scripting stuff. Like I said, I could just turn off the popup notification because I trust OO but it would then be off for all the sites I visit, which I don't care for. Can't the site just handle the offending URL through HTTPS to get rid of the issue entirely?

I need some help on this; is it because there's some call to Google via http that's throwing it off, or is it the cert itself it doesn't like?

Ok I had cookies set to not secure for some reason, probably from the problems earlier.. Did that by chance help with the security errors? I'm skeptical, or if that fixed it - chances are it broke shit somewhere else. I can't be all that mad, this server has been running for about 4 years without a problem (unless I caused the problem). I think our current uptime is about 1.5 years without a reboot.

Anyhow I won't muck with anything else, but let me know if that hosed (or somehow fixed) anything.

I can't seem to log in through tapatalk. Network error, please try again later. I've unfollowed it and refollowed and no love.

I know I'm late but just not sure where we stand with tapatalk

tjg_marantz wrote:I can't seem to log in through tapatalk. Network error, please try again later. I've unfollowed it and refollowed and no love.

I know I'm late but just not sure where we stand with tapatalk

Same here. I've even uninstalled and reinstalled Tapatalk, but same result. At this point, I'm just hoping that the upgrade fixes it.

Ditto here.

10-4. I was hoping I'd missed something but I guess not.

Thanks for the replies