Church of ProZ: Otaku Fortress
Would you like to react to this message? Create an account in a few clicks or log in to continue.

We have migrated! To church of proz dot com!

WE ARE MIGRATING! CHECK THE ANNOUNCEMENTS!
Please remain calm and begin your designated migration procedure.
Currently Watching/Reading: Brisingr, Steins;Gate
the announcements dont stop getting more.....longways....
Calling anything foolproof is tempting fate.
We've recently switched to a new chat client, Riot.im! GET ON IT NAO
WE ARE MIGRATING! CHECK THE ANNOUNCEMENTS THREAD!
It has really been a while since I updated the announcements...better start timestamping stuff! -- May 19th, 2011
But actually I stopped because my announcements are too trivial and nonsensical to be worth remembering.
I leave the following line up for nostalgia purposes as well:
Hi I'm George Zimmerman, former CEO of the Men's Wearhouse. One day I saw a defenseless young Mandingo Navy League scholar who was on the run from a Russian billionaire walking down the street instead of hiding in the Walmart Maxipad section like he should be. I raped him with the hot coals of my eyes and put a knifegun to his throat. Rather than breaking the law and jaywalking, he stood his ground and declared "You won't dare harm me in the land of the free!" With furious masturbation I blew his soul straight down to the fifth layer of Baator, so that whenever you hear someone say that they are most certainly wrong. I guarantee it.
OOH HOO HOO HOO!!!!!
BSRPG is in full swing now, praise the lord!

Observatory by Mozilla

Church of ProZ: Otaku Fortress :: General :: Hax ^.^

Go down

Observatory by Mozilla Empty Observatory by Mozilla

Post by Zhu Yang 2016-08-26, 15:51

http://news.softpedia.com/news/mozilla-launches-free-website-security-testing-service-507648.shtml

Catalin Cimpanu wrote:Mozilla security engineer April King released a project called Observatory, a free website security scanning utility, similar to SSL Labs and High-Tech Bridge's scanning service.

The service, working on top of a Python codebase made available on GitHub, has been under development for months and was approved for a public launch only yesterday.

Observatory is aimed at developers, system administrators, and security professionals that want to configure sites to use modern security protocols.
"Service uses A to F scores to grade website security"

Observatory scans for the presence of basic security features and then gives out a grade from 0 to 130, which is then converted into an A to F score.

In its current form, the service scans for the following: [1] Content Security Policy (CSP) status, [2] cookie files using Secure flag, [3] Cross-Origin Resource Sharing (CORS) status, [4] HTTP Public Key Pinning (HPKP) status, [5] HTTP Strict Transport Security (HSTS) status, [6] the presence of an automatic redirection from HTTP to HTTPS, [7] Subresource Integrity (SRI) status, [8] X-Content-Type-Options status, [9] X-Frame-Options (XFO) status, and [10] X-XSS-Protection status.

All basic security recommendations, albeit extremely hard to implement, a reason why many websites still don't use them.
"Over 91% of current websites fail Observatory's tests"

According to King, who performed automatic scans of over 1.3 million websites, over 91 percent of modern-day websites fail Observatory's tests.

"When nine out of 10 websites receive a failing grade, it’s clear that this is a problem for everyone. And by “everyone”, I’m including Mozilla — among our thousands of sites, a great deal of them fail to pass," King wrote yesterday, revealing that Observatory was developed to help Mozilla tests their own domains first.


Church of Proz received an F - https://observatory.mozilla.org/analyze.html?host=churchofproz.forumotion.net
Zhu Yang
Zhu Yang
Archon
Archon

ProZ Degrees: Nasuverse Master
Posts : 2107
AwesomeSauce : 9

Back to top Go down

Back to top

- Similar topics

Church of ProZ: Otaku Fortress :: General :: Hax ^.^

 
Permissions in this forum:
You cannot reply to topics in this forum