Go Back   Pace and Cap - Sartin Methodology & The Match Up > RDSS > RDSS2 / FAQ's
Mark Forums Read
Google Site Search Get RDSS Sartin Library RDSS FAQs Conduct Register Site FAQ Members List Search Today's Posts

RDSS2 / FAQ's Information, discussion, screenshots, videos about the upcoming version, FAQ's

Reply
 
Thread Tools Display Modes
Old 11-17-2021, 10:11 PM   #1
DanBoals
Grade 2
 
Join Date: Apr 2009
Location: Reno, NV
Posts: 93
Security Questions

Hey Ted,

I added a new hard drive to my laptop and re-installed the operating system to Windows 10, so I was installing RDSS 2.2 onto the laptop and came across two things that were of some concern.

1) Paceandcap.com is not secure. Is there a reason it does not use https?

2) Avast antivirus software flagged RDSS 2.2 as having a virus.

Thought I would bring this to your attention in case you were not aware.

Thanks,

Dan
DanBoals is offline   Reply With Quote
Old 11-18-2021, 06:36 PM   #2
DanBoals
Grade 2
 
Join Date: Apr 2009
Location: Reno, NV
Posts: 93
CertBox

This might help

https://certbot.eff.org/
DanBoals is offline   Reply With Quote
Old 11-18-2021, 08:09 PM   #3
Ted Craven
Grade 1
 
Ted Craven's Avatar
 
Join Date: Jun 2005
Location: Nanaimo, British Columbia, Canada
Posts: 8,223
Dan,

1. The server provider (Midphase.com) we use for Paceandcap.com and for SartinMethodology.com - we maintain 2 separate active domains and several aliases - DOES indeed provide HTTPS (secure) certificates. The issue has always been that over 16 years of Forum posts there are literally THOUSANDS (and thousands) of explicit links to documents or other interlinked posts at HTTP://paceandcap.com or HTTP:/sartinmethodology.com which would have to be changed once the HTTP went away and was replaced by HTTPS.

I asked this question quite explicitly to the Hosting company tech support at least twice in the past 5 years and they advised that while simple http://paceandcap.com (i.e. main page) could be forwarded to https://paceandcap.com, such forwarding would not cover more extended virtual links to individual Forum posts or embedded images (e.g. http://paceandcap.com/forums/showthread.php?p=140957 ). They suggested I could hire someone to do a bulk search and replace of all HTTP links in the entire 16 year database. To date I have not undertaken that. If you know of someone who can do this at a reasonable price, please let me know. Otherwise, depending on how much people complain, it is lower down on my To Do list. I do appreciate the stigma of simple HTTP these days, and your query is not at all without merit!

2. Avast and many other anti-virus checkers are over-eager in their willingness to flag as malicious any software which does not have an Authentication Certificate (which RDSS software does not, yet), though to be fair they are just doing the job you purchase them to do. Such an Authentication Certificate encodes data into the Installer File which reports whether the file has been modified (e.g. for viruses) after the publisher made it available.

Digital Authentication Certificates used to cost around $1500 ($US) annually but now cost much less and that IS on my list for 2022. (Looking at Comodo.)

Meanwhile, every RDSS Install Package I post for download has been scanned by my Trend Micro file virus checker before I upload it. I know it still does not help when your own virus checker flags it as malicious. It's up to you whether to believe your anti-virus program or take my word for it that it's clean.

3. You did not specifically mention it, but web-browsers also sometimes do not like to download files from non-HTTPS secure certificated websites and throw off a warning, then just quit without doing anything. (I have for years documented this tendency on the RDSS Download page). I am in discussions with TrackMaster/Equibase to relocate the RDSS Install download to the TrackMaster/Equibase's website, which is indeed secure (HTTPS). Sometime next year, along with a few other TrackMaster-related changes.

In the meanwhile, simply tell your browser when it complains that it's OK to download the RDSS Install package, and tell Windows that it's OK to RUN this Installer (typically by reading the progress messages or pop-up windows and always selecting, 'Tell me More', 'Do it anyway', 'I trust this site/software', etc). And don't worry too much about HTTP://paceandcap.com while waiting for HTTPS://paceandcap.com (or HTTPS://sartinmethodology.com)

I hope that explanation is helpful, Dan!

Ted
__________________

R
DSS -
Racing Decision Support System™

Last edited by Ted Craven; 11-18-2021 at 08:51 PM. Reason: clarity
Ted Craven is offline   Reply With Quote
Old 11-18-2021, 11:03 PM   #4
DanBoals
Grade 2
 
Join Date: Apr 2009
Location: Reno, NV
Posts: 93
Makes sense.

I sent a message to Avast saying that the flagging of RDSS was a false positive and they are supposed to review it. Hopefully, it will not flag it for other people in the future.
DanBoals is offline   Reply With Quote
Old 11-18-2021, 11:05 PM   #5
Ted Craven
Grade 1
 
Ted Craven's Avatar
 
Join Date: Jun 2005
Location: Nanaimo, British Columbia, Canada
Posts: 8,223
Quote:
Originally Posted by DanBoals View Post
Makes sense.

I sent a message to Avast saying that the flagging of RDSS was a false positive and they are supposed to review it. Hopefully, it will not flag it for other people in the future.
Thanks for doing that Dan! Greatly appreciated

Ted
__________________

R
DSS -
Racing Decision Support System™
Ted Craven is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Maximum Security ScottB General Discussion 1 11-13-2020 08:56 PM
RDSS2 - FAQs (Frequently Asked Questions) Ted Craven RDSS2 / FAQ's 70 08-05-2020 03:51 PM
Security Error Loading Old Programs oswaldrha Classic Sartin Programs - Support, Discussion 5 05-14-2018 08:24 PM
'Heartbleed' Security Bug - TrackMaster NOT affected Ted Craven General Discussion 0 04-11-2014 11:30 AM
Frequently Asked Questions (FAQ) Ted Craven RDSS 3 09-16-2010 09:27 AM


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2021, vBulletin Solutions Inc.

All times are GMT -4. The time now is 06:23 AM.