wizardofodds security certificate expired

FYI. The security certificate for wizardofvegas.com expired on June 23, 2017.

Quote: jsg

FYI. The security certificate for wizardofvegas.com expired on June 23, 2017.

Wov is https??

I can't tell since I'm on my phone

People have noticed WOV cant be viewed by some casinos WIFI. I can't view it via Walmart WiFi.

Quote: AxelWolf

People have noticed WOV cant be viewed by some casinos WIFI. I can't view it via Walmart WiFi.

I'm always paranoid posting on casino wifi. No SSL means they could read all your posts+pms if you're wearing the tinfoil.

Plus I've heard confirmed reports of security reading text messages on phones via cameras. Gives me the creeps.

Quote: gamerfreak

I'm always paranoid posting on casino wifi. No SSL means they could read all your posts+pms if you're wearing the tinfoil.

Plus I've heard confirmed reports of security reading text messages on phones via cameras. Gives me the creeps.

that's why all texts in a casino should start out with....Where's the 6/5 JOB and 6:5 BJ?

Quote: gamerfreak

I'm always paranoid posting on casino wifi. No SSL means they could read all your posts+pms if you're wearing the tinfoil.

Plus I've heard confirmed reports of security reading text messages on phones via cameras. Gives me the creeps.

whoa.. what?!

how do I force my phone to https for Wov?

We're vulnerable to being molested by sexual predators now thanks to this. Even the ones caught on To Catch A Predator that haven't killed themselves with a clilclo.

Quote: 100xOdds

whoa.. what?!

how do I force my phone to https for Wov?

I'm not sure if they have a SSL cert for this site, but if they do it's definitely not configured properly. Putting https in front of the URL breaks the site on my phone.

I'm not trying to be alarmist and suggest that all casinos are actively combing through their wifi traffic, but from a technical standpoint, anything transmitted to/from a non-ssl site (even passwords) is completely viewable by ANYONE connected to that wifi network.

If you're worried at all my only suggestion is not to use the wifi. I've never heard of any confirmed reports of casino wifi snooping, but reputable AP's have confirmed they 100% can and have read messages through surveillance cams.

This site should really have SSL though. It's neither expensive or complicated to implement.

Forgive my ignorance, but I thought that was only a concern on sites where you pay by credit card.

Quote: gamerfreak

I'm always paranoid posting on casino wifi. No SSL means they could read all your posts+pms if you're wearing the tinfoil.

Plus I've heard confirmed reports of security reading text messages on phones via cameras. Gives me the creeps.

I used color coded strategy charts for years. For the last few years I have taken pictures of the printed charts and used my cell phone while playing. I never had one problem yet but that doesn't mean anything I suppose. I guess they could care and could be watching me look up holds but if that is the case I don't understand why I haven't been approached ever? The only problem I have ever had so far with machine play is one Casino decided to No Mail me and Cut my Players Card but they don't seem to mind the rest of my family playing the same games. The only other problem I have had was over 20 years ago when I was counting cards but that is because they didn't use the Chinese Decks like today.

Interesting note: I used to play this Full Pay 5 way progressive bank and I would see this one old timer with a 50 page printout that looked like a homemade book. He would literally check each hold against what the numbers currently were. He knew all the Slots People and Waitresses. I thought he was out of his mind but they never bothered him... quite the opposite. Do AP's get 86'd or have problems? They certainly do but it usually isn't for looking up holds... it is usually other offenses that is causing problems. This is just my opinion and personal experience though. I might just run better than most players in this area. I've had times where I am playing two machines as fast as possible on some good promo and management watching me but still no trouble. Oddly enough I have one Casino giving me an award for my gambling but I have conflicting emotions about it. I don't want to show up and accept this award but I don't want to upset the people who nominated me and went to the trouble to invite me to all the hoopla. I am hoping to talk to some of these employees soon and decide the best course of action... maybe I can be out of town that weekend and they can accept on my behalf.

EDIT: The other day I was walking through the Casino and on this full pay bank I seen a couple of obvious pros. They were easy to spot since they had huge headphones on and staring at the machines like zombies playing as fast as possible. I never seen security throw these type of players out and they are easy to spot from a mile away. Ace Rothstein was right when he said... In the rest of the country they would be putting me in jail for what I am doing but out here in Vegas they are giving me awards.

Quote: 100xOdds

Wov is https??

I can't tell since I'm on my phone

https is not run as default and if you access wizardofvegas.com over https, your browser will display message like "Your connection is not secure" because the security cert of WoV expired. As a site that requires users to login (e.g. the forums at WoV) https should always be run as default.

Oops, just noticed that the title of the thread has "wizardofodds", which was wrong, should have been wizardofvegas. Sorry about that.

The issue of HTTPS/SSL encryption for the wizardofvegas.com site was discussed in the New login with Firefox 52 thread. It takes only a few minutes and costs nothing to set up encryption for a well-designed site. In the referenced thread Zuga says the plan is to provide encryption for wizardofvegas.com as is done for wizardofodds.com. Should happen any time now...

Install and use a free VPN service while in the casino if security with unencrypted connections is an issue for you. The connection still won't be secure end-to-end, but the casino won't be able to sniff your traffic.

Quote: billryan

Forgive my ignorance, but I thought that was only a concern on sites where you pay by credit card.

That's usually what malicious individuals on wifi are looking for, but obviously the casino's could have other interest.

Anything you load or submit on this site is transferred over the network in plain text that anyone on the wifi could see (including passwords).

Quote: gamerfreak

Anything you load or submit on this site is transferred over the network in plain text that anyone on the wifi could see (including passwords).

Not so if you use a VPN and connect to the casino WiFi. Data is encrypted from your device to the exit end of the VPN pipe. From there, yes, it is plain text if the destination site doesn't support an encrypted connection. But to the point the VPN traffic, which is what the casino handles, IS encrypted.

Quote: BleedingChipsSlowly

Not so if you use a VPN and connect to the casino WiFi. Data is encrypted from your device to the exit end of the VPN pipe. From there, yes, it is plain text if the destination site doesn't support an encrypted connection. But to the point the VPN traffic, which is what the casino handles, IS encrypted.

Yea I understand VPN, but I doubt many people are using it.

The security cert has still not been renewed yet. It's pathetic that a well known site in gaming community doesn't take basic security procedure seriously.

Most people are not sophisticated enough to understand the differences between http and https and its meanings.

Since our passwords can be seen over cleartext I have gone down the route of using a unique password only for this site. Everyone else should do the same.

if a wifi sniffer catches that password and that same password is used for one of your email accounts, they can then hack into whatever is linked into your email, especially if you have the same password for those sites. Don't be naïve. This type of hack happens all of the time.

WoV get it right please.