Welcome Guest
Log In | Register )
You last visited December 5, 2016, 9:28 am
All times shown are
Eastern Time (GMT-5:00)

Lottery Post moves to total encryption

Lottery Post Site NewsLottery Post Site News: Lottery Post moves to total encryption
513
Rating:

All 2 million+ pages of website now secured by SSL encryption

By Todd Northrop

As of June 26, 2015, Lottery Post is serving all of its pages over SSL encryption.

Previously, security-critical portions of the website, such as the Log In page and the password change page, were protected by SSL encryption, but the remainder of the site was transmitted over normal, non-encrypted HTTP communications.

To make the transition to all-SSL connections, the website is currently redirecting all non-SSL connections to the SSL-protected version of the site.  The result is a lot more privacy for users.

SSL connections are the encrypted communications abilities built into web browsers like Internet Explorer and Google Chrome that allow activities like banking transactions to remain secure.  A web user knows their connection is secured by examining the URL (web address) of the website and seeing it begin with "https://".

SSL works in three steps: First, it validates the identity of a website; then, it creates an encrypted connection; finally, it makes sure that the data was sent without an issue.

Lottery Post goes one step further to demonstrate security to its visitors and members by employing an "Extended Validation" (EV) security certificate, which appears as a green color in the web address display of the web browser.  An illustration of the appearance of the EV certificate in Google Chrome can be found below.

An EV certificate clearly shows to web visitors that they are visiting the actual page they are trying to reach, and it has not been "hijacked" by a hacker or malware.  Lottery Post's EV certificate shows the company name "Speednet Group LLC" — the company that owns and operates the website.

Lottery Post also employs the use of HTTP Strict Transport Security, which is supported in modern web browsers.  This technique sends a signal to the web browser, indicating that the website is completely encrypted, and that all future communications with the website should be always directed through an encrypted (SSL) channel.  It is a method to prevent hackers from employing a so-called "man-in-the-middle" attack to steal sensitive information passed between the web browser and the Lottery Post website.

Moving Lottery Post to complete encryption was far more difficult than most websites, not only because of the sheer volume of web pages (more than 2 million), but also because of the nature of the content posted by users on the forums and blogs.

Lottery Post members are free to post images on the forums and blogs, and most of those images are hosted on non-secure image hosting services, such as imgur, Photobucket, and other such services.  If a secure web page included non-secure images, the web browser would issue warnings to the user and perhaps refuse to display the page at all.

The developer of Lottery Post invented a technique to continue to allow users to publish whatever non-secure images they wish, but when the forum page displays the image, it is automatically re-hosted at a secure Lottery Post service, and transmitted over the same encrypted communications that the rest of the page is transmitted.

In doing so, Lottery Post has dedicated a tremendous allocation of effort and data storage to ensure 100% security to its members and visitors.

When users connect to any website over SSL a network snoop can see that the person is communicating with the website, but the content of their communication with the site is entirely private.  That means that even though network operators can see that users are connecting to Lottery Post, they can't see what username they're logged in under or which posts they're submitting to the site.

Major websites have switched over to default encryption in recent weeks, including Wikipedia, Reddit, and all federal websites, driven largely by security concerns.  SSL also prevents attackers from injecting malware into an otherwise legitimate data stream, an increasing concern in the wake of the Snowden leaks.

Why this matters: Knowing how expansive online government surveillance is, HTTPS is a critical tool for retaining privacy. It can't stop your ISP from knowing which sites you visit, but it can stop anyone from passively reading your traffic.  Privacy isn't the only reason to add HTTPS, however, as HTTPS can help defend against malicious attacks such as session hijacking.

News story photo(Click to display full-size in gallery)

Lottery Post Staff

We'd love to see your comments here!  Register for a FREE membership — it takes just a few moments — and you'll be able to post comments here and on any of our forums. If you're already a member, you can Log In to post a comment.

39 comments. Last comment 1 year ago by pickone4me.
Page 1 of 3
MzDuffleBaglady's avatar - Lottery-018.jpg

United States
Member #81314
October 16, 2009
18985 Posts
Online
Posted: June 26, 2015, 9:47 am - IP Logged

I have AVG secure search, and it has the same security.Party

Great!!!!

 

Thank you!

The Struggle is real!

    ThatScaryChick's avatar - x1MqPuM
    Idaho
    United States
    Member #56506
    November 21, 2007
    6537 Posts
    Offline
    Posted: June 26, 2015, 9:48 am - IP Logged

    Thank you, Todd for all the hard work you do to provide us with a safe and informative site! Smile

    "No one remembers the person who almost climbed the mountain, only the person who eventually gets to the top."

      CutlassBob's avatar - Sphere animated2.gif
      Harrison Township Michigan
      United States
      Member #90088
      April 21, 2010
      4265 Posts
      Offline
      Posted: June 26, 2015, 9:50 am - IP Logged

      Excellent update. Thanks to the LP admin...

       "You can't handle the truth!" Nicholson.

        lothob's avatar - chi jpeg.jpg

        United States
        Member #60481
        April 20, 2008
        7053 Posts
        Offline
        Posted: June 26, 2015, 10:05 am - IP Logged

        Thanks for remembering our need for privacy Todd and kudos for continuing to innovate this great site!

        "He who is not courageous enough to take risks will accomplish nothing in life."  Muhammad Ali

          uprrman's avatar - nw bookeep.jpg
          harvard,il
          United States
          Member #96756
          September 4, 2010
          2436 Posts
          Offline
          Posted: June 26, 2015, 10:13 am - IP Logged

          Thanks for remembering our need for privacy Todd and kudos for continuing to innovate this great site!

          I Agree! thanks todd

          i want to be a millionaire a second time!

            Technut's avatar - moon
            3rd Rock from Sun
            United States
            Member #159103
            September 13, 2014
            151 Posts
            Offline
            Posted: June 26, 2015, 10:56 am - IP Logged

            Thanx Todd

            Yesterday is History, Tomorrow is a Mystery, Today is a gift that's why it's called the PRESENT! (c8

              JADELottery's avatar - MeAtWork 03.PNG
              The Quantum Master
              West Concord, MN
              United States
              Member #21
              December 7, 2001
              3675 Posts
              Online
              Posted: June 26, 2015, 11:08 am - IP Logged

              Excellent.

              Now we don't have to keep typing the https on certain network connections.

              Presented 'AS IS' and for Entertainment Purposes Only.
              Any gain or loss is your responsibility.
              Use at your own risk.

              Order is a Subset of Chaos
              Knowledge is Beyond Belief
              Wisdom is Not Censored
              Douglas Paul Smallish
              Jehocifer

                plumsage's avatar - rinard

                United States
                Member #132459
                September 4, 2012
                287 Posts
                Online
                Posted: June 26, 2015, 11:50 am - IP Logged

                Good work Todd to you and your staff!

                Happy healthy wealthy and wise.

                  Avatar
                  Simpsonville
                  United States
                  Member #163189
                  January 22, 2015
                  668 Posts
                  Offline
                  Posted: June 26, 2015, 12:05 pm - IP Logged

                  Thank you so much Todd for this.

                    mjwinsmith's avatar - moon

                    United States
                    Member #391
                    June 8, 2002
                    16062 Posts
                    Online
                    Posted: June 26, 2015, 12:16 pm - IP Logged

                    Thanks Todd.

                    "Don't be a Dummy, Make 'Dat Money"

                    Mjwinsmith's Blog Page:   http://blogs.lotterypost.com/mjwinsmith/

                    "How to Play My Pick-4 System": https://www.lotterypost.com/thread/306450

                      mysteque's avatar - Lottery-050.jpg
                      Princeton
                      United States
                      Member #141852
                      April 25, 2013
                      4672 Posts
                      Online
                      Posted: June 26, 2015, 12:31 pm - IP Logged
                        Original Bey's avatar - Lottery-022.jpg

                        Bahamas
                        Member #133462
                        September 30, 2012
                        5946 Posts
                        Offline
                        Posted: June 26, 2015, 12:34 pm - IP Logged

                        Todd it truly speaks to your character and passion for what you do that without suggestion or complaint you continually seek out ways to make the best lottery site globally even better! Hopefully Lady Luck will honor you with a lifetime achievement award (aka Big Win) very soon. Kudos! Cheers

                        "Everything works  ONCE!"

                          Todd's avatar - Cylon 2.gif
                          Chief Bottle Washer
                          New Jersey
                          United States
                          Member #1
                          May 31, 2000
                          23260 Posts
                          Online
                          Posted: June 26, 2015, 12:43 pm - IP Logged

                          Thanks for the nice comments!  It is indeed a big step for LP, but also it was a real challenge (see the news story).

                          With over 2 million pages converted, there may well be a few straggling "rough spots" where something doesn't work perfectly.  If you notice something like that — where something was working before and now suddenly there is an error or doesn't work properly — please send me a quick note to let me know.  Thanks!

                           

                          Check the State Lottery Report Card
                          What grade did your lottery earn?

                           

                          Sign the Petition for True Lottery Drawings
                          Help eliminate computerized drawings!

                            noise-gate's avatar - images q=tbn:ANd9GcR91HDs4UJhjxO7cmeMQWZ5lB_FOcMLOGicau4V74R45tDgPWrr
                            Bay Area - California
                            United States
                            Member #136477
                            December 12, 2012
                            4105 Posts
                            Offline
                            Posted: June 26, 2015, 1:09 pm - IP Logged

                            Wow Todd- last week you gave us Lotteryplaces, this week you give us this.l think it was Sir Isaac Newton who said " if l have seen further,  it's because I stood on the Shoulders of Giants"..Thanks for all you do, l salute you.

                            Be well.

                            People who say it cannot be done should not interrupt those who are doing it- George Bernard Shaw.