View Single Post
Old 11-18-2021, 07:09 PM   #3
Ted Craven
Grade 1
 
Ted Craven's Avatar
 
Join Date: Jun 2005
Location: Nanaimo, British Columbia, Canada
Posts: 8,853
Dan,

1. The server provider (Midphase.com) we use for Paceandcap.com and for SartinMethodology.com - we maintain 2 separate active domains and several aliases - DOES indeed provide HTTPS (secure) certificates. The issue has always been that over 16 years of Forum posts there are literally THOUSANDS (and thousands) of explicit links to documents or other interlinked posts at HTTP://paceandcap.com or HTTP:/sartinmethodology.com which would have to be changed once the HTTP went away and was replaced by HTTPS.

I asked this question quite explicitly to the Hosting company tech support at least twice in the past 5 years and they advised that while simple http://paceandcap.com (i.e. main page) could be forwarded to https://paceandcap.com, such forwarding would not cover more extended virtual links to individual Forum posts or embedded images (e.g. http://paceandcap.com/forums/showthread.php?p=140957 ). They suggested I could hire someone to do a bulk search and replace of all HTTP links in the entire 16 year database. To date I have not undertaken that. If you know of someone who can do this at a reasonable price, please let me know. Otherwise, depending on how much people complain, it is lower down on my To Do list. I do appreciate the stigma of simple HTTP these days, and your query is not at all without merit!

2. Avast and many other anti-virus checkers are over-eager in their willingness to flag as malicious any software which does not have an Authentication Certificate (which RDSS software does not, yet), though to be fair they are just doing the job you purchase them to do. Such an Authentication Certificate encodes data into the Installer File which reports whether the file has been modified (e.g. for viruses) after the publisher made it available.

Digital Authentication Certificates used to cost around $1500 ($US) annually but now cost much less and that IS on my list for 2022. (Looking at Comodo.)

Meanwhile, every RDSS Install Package I post for download has been scanned by my Trend Micro file virus checker before I upload it. I know it still does not help when your own virus checker flags it as malicious. It's up to you whether to believe your anti-virus program or take my word for it that it's clean.

3. You did not specifically mention it, but web-browsers also sometimes do not like to download files from non-HTTPS secure certificated websites and throw off a warning, then just quit without doing anything. (I have for years documented this tendency on the RDSS Download page). I am in discussions with TrackMaster/Equibase to relocate the RDSS Install download to the TrackMaster/Equibase's website, which is indeed secure (HTTPS). Sometime next year, along with a few other TrackMaster-related changes.

In the meanwhile, simply tell your browser when it complains that it's OK to download the RDSS Install package, and tell Windows that it's OK to RUN this Installer (typically by reading the progress messages or pop-up windows and always selecting, 'Tell me More', 'Do it anyway', 'I trust this site/software', etc). And don't worry too much about HTTP://paceandcap.com while waiting for HTTPS://paceandcap.com (or HTTPS://sartinmethodology.com)

I hope that explanation is helpful, Dan!

Ted
__________________

R
DSS -
Racing Decision Support System™

Last edited by Ted Craven; 11-18-2021 at 07:51 PM. Reason: clarity
Ted Craven is offline   Reply With Quote