Post Reply Why is Crunchyroll not secure?
85 cr points
Send Message: Send PM GB Post
20 / M / Canada
Offline
Posted 12/20/17 , edited 4/7/18
I'm just curious as to why crunchyroll is not a secure website. It has a lot of traffic and is the most popluar legal streaming site yet it can be comprimised? That makes no sense to me. Every other prominant website is secure like Twitter, Youtube, etc.. Here's a picture of what I'm talking about if you don't know. https://gyazo.com/93b6ab9690260dc0376e57f07aeb2cdd

This is what it's suppose to be: https://gyazo.com/951705b61280a5a383497d4615d667eb?token=6c5462b0d1543759ce147c26461b5495
5327 cr points
Send Message: Send PM GB Post
F / BuBbLeS!
Offline
Posted 12/20/17 , edited 10 days ago
it isn't that hard to secure a site but https is a start yes, however the real purpose of https is so IP and the net provider can't track what you're doing on a site, without it, then a large number of data is being collected, stashed and stored. not to mention without it, then it's pretty much an open playground for all sorts of nasties. however it truly doesn't protect your site from hackers, there is no 100% protection, I would imagine even the bestest of best have been hacked. but on average, https does start up a whole host of stopping the minor of hacking. whereas some places https does appear, I have seen it on guest pass area and probably the store (at least I hope so). otherwise, we'll have to wait and see what the developers/creators/etc/other are up to in the coming future.
54 cr points
Send Message: Send PM GB Post
23 / F / Australia
Offline
Posted 6/18/18 , edited 4 days ago
The actual login input page displays the secured symbol ... though you're right, the whole site should be secured.
29 cr points
Send Message: Send PM GB Post
28 / M
Offline
Posted 6/20/18 , edited 6/20/18
No need to secure public traffic, which is available for everyone. HTTPS is working only on pages which are sending private / sensitive data. It is a good practice to secure all traffic from the site so it cannot be intercepted within MITM attack, but it is not required in most cases.
11018 cr points
Send Message: Send PM GB Post
24
Offline
Posted 6/20/18 , edited 6/21/18

DreamyFox wrote:

No need to secure public traffic, which is available for everyone. HTTPS is working only on pages which are sending private / sensitive data. It is a good practice to secure all traffic from the site so it cannot be intercepted within MITM attack, but it is not required in most cases.


Including any content from untrusted sources or over insecure channels (i.e. HTTP) opens the website up to attack on the user end. Even on immutable pages with no separately loaded content, HTTP is not safe and can be exploited.
3005 cr points
Send Message: Send PM GB Post
Offline
Posted 10 days ago , edited one day ago
Yeah i feel like people know what im watching lol. Thanks Crunchy roll for being so shitty. Everyone and there dog uses ssl, but you. Take some lessons from netflix you incompetent company. Such a waste of money going to switch soon. The video playback does not even work properly and constanly just halts midway. I'm under the suspicion that it is related to this as I constantly have decoding issues according to the developer console. Failed to load resource: net::ERR_CONTENT_DECODING_FAILED
You must be logged in to post.