TexasCHLforum.com

longtooth wrote:I like the form.
Wish it was secure too. I dont know enough about that to talk but know when to agree w. the guys & gals that do.

LT,

I decided to go ahead and write the technical folks at Texas Online Help and ask them to confirm that the site is properly secured. Will post their response when I get one.

longtooth wrote:I like the form.
Wish it was secure too. I dont know enough about that to talk but know when to agree w. the guys & gals that do.

LT, you can recognize if a site is secured or not (generally) if it's website address begins with "https://" instead of the regular "http://".

Thank you sir. & I always like reading your Signature line. 'specially the 1st one.

Quahog wrote:

chabouk wrote:

Quahog wrote:
Didn't notice HTTPS on the log-in.

Even if no one else caught it, I understand your point. For everyone else: this is not a secure connection. If you're typing in your "DL#, SSN# and DOB", you're sending it in the clear, subject to interception.

Bad, bad form by DPS to offer this change without SSL.

Thanks chabouk... maybe I lean towards being over-cautious but I look for these things to protect my identity.

Good eye Quahog! The previous log in site WAS secure. This has to be some kind of mistake. I would not apply if it hadn't have been(secure). IMO no one should. I hope DPS rectifies their misteak.

The Annoyed Man wrote:

longtooth wrote:I like the form.
Wish it was secure too. I dont know enough about that to talk but know when to agree w. the guys & gals that do.

LT, you can recognize if a site is secured or not (generally) if it's website address begins with "https://" instead of the regular "http://".

And, depending on your browser, the URL bar turns bright green or blue or some other color, and changes form a bit.

Someone in the "Waiting Room" said they talked to DPS and that the new site wasn't complete. Apparently there's a version that will require your PIN. One may also assume that a secured version will be coming when they update to require the PIN... though we know what happens when we assume!

They have fixed the security issue. The site is secure as of around lunch time.

joe817 wrote:

Quahog wrote:

chabouk wrote:

Quahog wrote:
Didn't notice HTTPS on the log-in.

Even if no one else caught it, I understand your point. For everyone else: this is not a secure connection. If you're typing in your "DL#, SSN# and DOB", you're sending it in the clear, subject to interception.

Bad, bad form by DPS to offer this change without SSL.

Thanks chabouk... maybe I lean towards being over-cautious but I look for these things to protect my identity.

Good eye Quahog! The previous log in site WAS secure. This has to be some kind of mistake. I would not apply if it hadn't have been(secure). IMO no one should. I hope DPS rectifies their misteak.

Well, they didn't answer my email but they did fix it. Go there now and it's HTTPS!

krofang wrote:They have fixed the security issue. The site is secure as of around lunch time.

Ooops... I didn't see your post before I added mine. I feel better knowing this stuff is not under prying eyes.

chabouk wrote:

Quahog wrote:

Fire1141 wrote:Just looked at the site. Much better info given. Nice job DPS.

Didn't notice HTTPS on the log-in.

Even if no one else caught it, I understand your point.

For everyone else: this is not a secure connection. If you're typing in your "DL#, SSN# and DOB", you're sending it in the clear, subject to interception.

Bad, bad form by DPS to offer this change without SSL.

It redirects to a secure session, even if you type in http. I just went in to update my email address to verify it. It was a secure connection on the redirect.

foodawg wrote:It redirects to a secure session, even if you type in http. I just went in to update my email address to verify it. It was a secure connection on the redirect.

It does now that they fixed it... but it didn't before.

Who ever heard of releasing code without testing it in the first place?

Quahog wrote: Who ever heard of releasing code without testing it in the first place?

I don't know of anyone in IT that does that.

Sorry...hit my professional funny bone there.

I'm not sure how I feel about that new site. I really like how it's set up but I don't know if would like to know every little thing that's going on or have it say proccesing application for a few weeks like mine did. It's almost like there's too much stuff to worry about seeing everything in a list like that. My favorite part about the site is it says manufacturing under all those completed and valids that I have

Howdy,

I'm new to posting, but after going to Texas Online and poking around, I found this "TexasOnline was established by the Texas Department of Information Resources (DIR) and is managed by Texas NICUSA, LLC." (link: http://www.texasonline.com/portal/tol/en/about-us" onclick="window.open(this.href);return false;).

I take that to mean Tx DIR was at some point handed "techie stuff" from various other departments, then turned around and out-sourced it or parts of it to yet another group. So, though testing may or may not have happened on the DPS side, it also may or may not have happened on the side of "Texas NICUSA, LLC." I'm happy that it is secure now, but out of general curiosity I think I'll poke around some more.

404 error Tried a few more times and it works. I'll have to poke around some. Shows https and is signed by Verisign. Seems to be secure to me.