Previous Thread
Index
Next Thread
Print Thread
Go To
Page 1 of 2 1 2
Off-Topic
Joined: Jul 2002
Posts: 3,563
P
Veteran
OP Offline
Veteran
P
Joined: Jul 2002
Posts: 3,563


Lenovo YOGA 900 Window s 10 Home 64bit 16GB RAM\2018 13” MacBook Air casio wk7500 presonus audiobox i2 usb interface
casio wk-7500
biab & realband 2023 everything pk both with Current builds
Off-Topic
Joined: Oct 2016
Posts: 1,558
Expert
Offline
Expert
Joined: Oct 2016
Posts: 1,558
The irony of it all. Google warning users about privacy. Not to worry. Tim Lee is working on it & soon we will have sites not even Google can track.


Link: www.soundcloud.com/ed_shaw (Feel Free to Use)
https://drooble.com/edward.shaw/hymn/index.htm
Biab for WIN 2020 -- Win 10 64bit -- Reaper/Audacity
Zoom R-16 -- Tascam DP-03-SD -- SoundTap -- Crescendo --
Off-Topic
Joined: Oct 2007
Posts: 4,245
Veteran
Offline
Veteran
Joined: Oct 2007
Posts: 4,245
I just loaded it in Chrome. No problems.

Off-Topic
Joined: Jul 2002
Posts: 3,563
P
Veteran
OP Offline
Veteran
P
Joined: Jul 2002
Posts: 3,563
Google Chrome is up to date
Version 70.0.3538.77 (Official Build) (64-bit)


Lenovo YOGA 900 Window s 10 Home 64bit 16GB RAM\2018 13” MacBook Air casio wk7500 presonus audiobox i2 usb interface
casio wk-7500
biab & realband 2023 everything pk both with Current builds
Off-Topic
Joined: Oct 2008
Posts: 18,838
Veteran
Offline
Veteran
Joined: Oct 2008
Posts: 18,838
Mike,

When I go to www.pgmusic.com, Firefox also tells me that it's not secure. This is also true of the forums. Since these are free, public websites, though, do they need to be secure?

When I log-in into my PG Music sales account, that part of the site is secure. This is the part that matters to me because it contains important personal information.

Regards,
Noel


MY SONGS...
Audiophile BIAB 2024
Off-Topic
Joined: Nov 2008
Posts: 1,382
K
PG Music Staff
Offline
PG Music Staff
K
Joined: Nov 2008
Posts: 1,382
Exactly. Most of the site isn't secure, and has no reason to be.

The entire ordering process, everything to do with your account, and the online chat service, are all secure to protect your personal info and credit card numbers.

Thanks
Kent
PG Musc

Off-Topic
Joined: May 2000
Posts: 21,609
Veteran
Offline
Veteran
Joined: May 2000
Posts: 21,609
I deal with this every day.
Most browsers are now pointing out a 'not secure connection', even when a secure connection isn't needed.
They did give developers a little warning, but it's a pretty aggressive change.
At work, we are seriously considering paying a couple grand a year to alleviate the problem .. per server on multiple servers.

On the flip side there's really no need for a browser to point out the connection is 'not secure' when it doesn't need to be secure.
Secure is of course better, but browsers are indeed leaning to alarming the user unnecessarily.

They need to give SysAdmins a little more time to adapt, and the Consumer a little more time to absorb the cost (costs get passed on).
If I gotta make a server 'all https' (secure) it costs me more .. and therefore your charges go up to cover it.

FWIW I'm cool with wanting a totally encrypted internet (which is all this initiative really is) but it will indeed cost more. So don't complain unless you are willing to pony up ..
smile
/just my thoughts


Make your sound your own!
.. I do not work here, but the benefits are still awesome
Off-Topic
Joined: Nov 2007
Posts: 5,089
Veteran
Offline
Veteran
Joined: Nov 2007
Posts: 5,089
Yes, it's a real PITA.

The people that host my website, www.blue-attitude.net, told me that this change was coming a while ago and offered to add the security certificate needed so it would be https instead of http. For a price of course!

They say that many people will not proceed if their browser tells them the site is not secure, and I'm sure that is true. Same deal, my website is information only, doesn't need to be secure.

Off-Topic
Joined: Jun 2012
Posts: 3,558
J
Veteran
Offline
Veteran
J
Joined: Jun 2012
Posts: 3,558
Originally Posted By: rharv
I deal with this every day.
Most browsers are now pointing out a 'not secure connection', even when a secure connection isn't needed.
They did give developers a little warning, but it's a pretty aggressive change.
At work, we are seriously considering paying a couple grand a year to alleviate the problem .. per server on multiple servers.

On the flip side there's really no need for a browser to point out the connection is 'not secure' when it doesn't need to be secure.
Secure is of course better, but browsers are indeed leaning to alarming the user unnecessarily.

They need to give SysAdmins a little more time to adapt, and the Consumer a little more time to absorb the cost (costs get passed on).
If I gotta make a server 'all https' (secure) it costs me more .. and therefore your charges go up to cover it.

FWIW I'm cool with wanting a totally encrypted internet (which is all this initiative really is) but it will indeed cost more. So don't complain unless you are willing to pony up ..
smile
/just my thoughts

It is a non-issue since anyone can simply use Let's Encrypt for free and the problem is solved!

https://letsencrypt.org/

And yes, I know not all web hosting companies support it but they should and will. If yours does not then switch to someone modern!

And a company like PG should obviously secure their entire website because it is not just security warnings...Google is penalizing non-secure sites in search results!

Last edited by JohnJohnJohn; 11/01/18 04:53 AM.
Off-Topic
Joined: Jul 2002
Posts: 3,563
P
Veteran
OP Offline
Veteran
P
Joined: Jul 2002
Posts: 3,563
Originally Posted By: Kent - PG Music
Exactly. Most of the site isn't secure, and has no reason to be.

The entire ordering process, everything to do with your account, and the online chat service, are all secure to protect your personal info and credit card numbers.

Thanks
Kent
PG Musc

Thanks for the clarification Kent


Lenovo YOGA 900 Window s 10 Home 64bit 16GB RAM\2018 13” MacBook Air casio wk7500 presonus audiobox i2 usb interface
casio wk-7500
biab & realband 2023 everything pk both with Current builds
Off-Topic
Joined: Jun 2012
Posts: 3,558
J
Veteran
Offline
Veteran
J
Joined: Jun 2012
Posts: 3,558
Originally Posted By: Kent - PG Music
Exactly. Most of the site isn't secure, and has no reason to be.

Actually there are 3 reasons...

1) https actually does improve security for everyone using the web
2) browsers now warn your customers that you are not secure and you can lose business because of those warnings whether you agree with them or not
3) Google will penalize you in search results for having a non-secure site

Off-Topic
Joined: Jun 2005
Posts: 7,687
Veteran
Offline
Veteran
Joined: Jun 2005
Posts: 7,687
This is the world we live in so get used to it.

I've posted many times about what we have to do at the CPA firm now and how using Win 10 with Edge is the most secure way to go unless you want to go to using an old computer as a server/firewall. I'll say it again for the unteenth time if you're not using a fully up to date Win 10 OS then you simply don't care about security. Win 7 cannot be patched up to the level of Win 10. This goes to show how the hackers keep making our lives more and more restricted. Most folks think of hackers as some kid in his mothers basement. No, the hackers I'm talking about are very large international organized crime groups based in fun places like Russia, North Korea, China, etc. They're dealing with billions of dollars.

The IRS started new procedures several years ago to make our online lives easier when dealing with them and then they were forced to take it all back when the hacking got worse. As a tax pro I used to be able to login, pull up a clients info and do certain things right there online. Now, they've cut that back, I can only do some of what I used to do and I'm forced to call them and wait on hold for up to an hour. Then they go through an ID authentication process to verify who I am before they release any taxpayer info. People like me are supposed to be sharp enough to understand all this but the average person who has little clue? Forget it. It's a total PIA for me to get info I need about a client quickly and easily.

It's all about hackers and it's filtering down to everybody now.

Those of you in the IT/security field know what I'm talking about. The majority of folks still have little clue about any of this and we see it even on this forum even though musicians tend to be more technical minded than most.

Bob


Biab/RB latest build, Win 11 Pro, Ryzen 5 5600 G, 512 Gig SSD, 16 Gigs Ram, Steinberg UR22 MkII, Roland Sonic Cell, Kurzweil PC3, Hammond SK1, Korg PA3XPro, Garritan JABB, Hypercanvas, Sampletank 3, more.
Off-Topic
Joined: Aug 2014
Posts: 7,663
Veteran
Offline
Veteran
Joined: Aug 2014
Posts: 7,663

Dear John,

Thank you for this. I will have someone explore this for me and try to use this on my behalf, because I don't have time to stay on the phone with Network Solutions all day. Thanks again for the nice tip.

Do you know by any chance if Network Solutions allows this? The last time I discussed, I think it was an extra $250 per site and of course THEY wanted to do it/sell it instantly.

I have 5 websites. So that would be a over $1,200 a year in residual recurring revenue income for a plug-in for someone. For doing nothing, of course.

I wonder about the economics of this. Is Google getting a cut from hosting companies? My hosting package from Network Solutions that allows me to have and build 5 websites is $175 a year.

To make all of those "secure" (and they are only informational) would increase my costs sevenfold--for a line of code and a green sticky from Chrome. Thanks!

It's like the phone company. AT&T makes no profit, I have heard, on the phone line. But they make, I dunno, 3000% margins or something on the voicemail that was a program written once 30 years ago.

I think this is all about tech companies wanting to sell people code, or force them to buy it, in a country that no longer grows potatoes.

Or as a WSJ senior writer said in a front page WSJ article earlier this year about his father-in-law who had lost his job as sales person and would never be employed again:

In the near future there will be two jobs.

1.) Sleeping under a bridge.

2.) Working for Amazon so you can buy stuff from Amazon.

Off-Topic
Joined: May 2000
Posts: 21,609
Veteran
Offline
Veteran
Joined: May 2000
Posts: 21,609
JJJ,
If you had a production server, would you rely on letsEncrypt?
Not me.

And Google does not 'penalize' sites without SSL, though they do give a 'slight' advantage to those that do have it (not a minus but rather a very slight plus in rankings).

We take security seriously on our servers, and I'd rather pay for an SSL with a reliable warranty than go down the letsEncrypt path. wink

Hopefully someday the internet is all encrypted safely, but we're not there yet.

Last edited by rharv; 11/01/18 03:00 PM.

Make your sound your own!
.. I do not work here, but the benefits are still awesome
Off-Topic
Joined: Jun 2012
Posts: 3,558
J
Veteran
Offline
Veteran
J
Joined: Jun 2012
Posts: 3,558
Originally Posted By: rharv
If you had a production server, would you rely on letsEncrypt?

Yes. Absolutely! The vast majority of non-commerce sites will do just fine with Let's Encrypt. As you said earlier, "there's really no need for a browser to point out the connection is 'not secure' when it doesn't need to be secure". So for all of those sites, Let's Encrypt fits the bill perfectly.

Originally Posted By: rharv
And Google does not 'penalize' sites without SSL, though they do give a 'slight' advantage to those that do have it (not a minus but rather a very slight plus in rankings).

Call it what you want. Sites that are secure get better search engine positioning than non-secure sites. And Google is notoriously secretive about their algorithms so it may be "slight" or it may be "huge"! They are pushing this initiative really hard and have modified their browser for it so...

Originally Posted By: rharv
We take security seriously on our servers, and I'd rather pay for an SSL with a reliable warranty than go down the letsEncrypt path.

Well, it is kinda like insurance isn't it? We assess our risks and decide how much we can tolerate. Anyone with an informational site running on a shared web host should do just fine with Let's Encrypt. If you are Amazon or eBay of course you might consider paid alternatives.

Last edited by JohnJohnJohn; 11/01/18 07:13 PM.
Off-Topic
Joined: Jun 2012
Posts: 3,558
J
Veteran
Offline
Veteran
J
Joined: Jun 2012
Posts: 3,558
Originally Posted By: David Snyder

Dear John,

Thank you for this. I will have someone explore this for me and try to use this on my behalf, because I don't have time to stay on the phone with Network Solutions all day. Thanks again for the nice tip.

Do you know by any chance if Network Solutions allows this? The last time I discussed, I think it was an extra $250 per site and of course THEY wanted to do it/sell it instantly.

I have 5 websites. So that would be a over $1,200 a year in residual recurring revenue income for a plug-in for someone. For doing nothing, of course.

I wonder about the economics of this. Is Google getting a cut from hosting companies? My hosting package from Network Solutions that allows me to have and build 5 websites is $175 a year.

To make all of those "secure" (and they are only informational) would increase my costs sevenfold--for a line of code and a green sticky from Chrome. Thanks!


Hey David! So first I'd say generally Network Solutions sucks because they still charge premium prices for meager services! I just checked them and it appears they do NOT support Let's Encrypt. Obviously this is because they want to keep making money off of every website they host! I have about 60 domains through GoDaddy (they also suck as a host but are fine as a registrar!) and they also do not offer Let's Encrypt support for the same reason.

But there are a lot of shared hosting web hosts who do support Let's Encrypt. I am assuming you are using shared hosting at Network Solutions, right? A decent shared hosting account can usually handle several thousand visitors per day unless you end up on a host that squeezes way too many sites on their servers. But even then, most sites are not getting a lot of traffic so that doesn't necessarily mean you'll have any issues.

If you want to consider moving your websites you can search online for hosts that support Let's Encrypt. And you can still leave your domains at Network Solutions if you want.

One host I like a lot is Pair Networks. For about 6 bucks a month you can host an unlimited number of sites, you get 15 GB of disk space, 75 GB monthly transfer and 15 MySQL Databases. If you wanna use Let's Encrypt you can do so for free. Or, if you want a basic secure certificate with a $10,000 warranty it is $10/year/domain.

https://www.pair.com/webhosting/shared.html

I know moving your sites can be a pain but you could save some dough and get SSL for free or a low cost. Lemme know if you have any further questions.

Last edited by JohnJohnJohn; 11/01/18 07:47 PM.
Off-Topic
Joined: Aug 2014
Posts: 7,663
Veteran
Offline
Veteran
Joined: Aug 2014
Posts: 7,663
Hey John,

Thanks! I may p.m. you on this later on if I need some more help.

I think I will contract this out when the time comes. I don't want to suffer that headache.

My daughter just finished a gorgeous art portfolio website on Wix with https automatic as the default and her website is better than anything I have ever done--granted she is a genius and an artist and a whole lot smarter than I am, but still. No extra charges, so there is obviously some form of a scam going on out there.


Off-Topic
Joined: May 2000
Posts: 21,609
Veteran
Offline
Veteran
Joined: May 2000
Posts: 21,609
JJJ,
I *think* I see your point. If it was my personal site, I may try this route.
My response is because I'm on the other side of the fence in many ways.

I am responsible for hundreds of sites on various servers and I rest much better at night knowing the SSLs we use are backed. Like I said we plan to spend a few grand a year to secure our sites using other sources.

Using LetsEncrypt means I'd have to allow them (LetsEncrypt) to run some processes/updates that access our servers every 3 months and update SSLs (they are only good for 3 months, not a couple years) .. plus I can't look at what they are actually doing.
So I have to make this decision on a different level.

If my personal hosting provider allowed it, I'd probably use this service while I could.
But like I said I'm on the other side of the fence, deciding whether to allow a free 3rd party service to access/change our servers; that makes me nervous ..

On the flip side I think PGMusic could secure both the forum and the main site (legitimately with a warranty) for about $120/yr, so it's pretty minimal in the grand scheme of things for a company like PGMusic, which is what the original thread was about.


Last edited by rharv; 11/02/18 02:54 PM.

Make your sound your own!
.. I do not work here, but the benefits are still awesome
Off-Topic
Joined: Jul 2000
Posts: 25,800
Veteran
Offline
Veteran
Joined: Jul 2000
Posts: 25,800
So is there any plan by these browsers to eventually block access? I’m perfectly happy to ignore a cautionary message on sites I trust, especially when it’s public and security isn’t needed.


BIAB 2024 Win Audiophile. Software: Studio One 6.5 Pro, Swam horns, Acoustica-7, Notion 6; Win 11 Home. Hardware: Intel i9, 32 Gb; Roland Integra-7, Presonus Studio 192, Presonus Faderport 8, Royer 121, Adam Sub8 & Neumann 120 monitors
Off-Topic
Joined: Jun 2012
Posts: 3,558
J
Veteran
Offline
Veteran
J
Joined: Jun 2012
Posts: 3,558
Originally Posted By: rharv
JJJ,
I *think* I see your point. If it was my personal site, I may try this route.
My response is because I'm on the other side of the fence in many ways.

I am responsible for hundreds of sites on various servers and I rest much better at night knowing the SSLs we use are backed. Like I said we plan to spend a few grand a year to secure our sites using other sources.

Using LetsEncrypt means I'd have to allow them (LetsEncrypt) to run some processes/updates that access our servers every 3 months and update SSLs (they are only good for 3 months, not a couple years) .. plus I can't look at what they are actually doing.
So I have to make this decision on a different level.

If my personal hosting provider allowed it, I'd probably use this service while I could.
But like I said I'm on the other side of the fence, deciding whether to allow a free 3rd party service to access/change our servers; that makes me nervous ..

On the flip side I think PGMusic could secure both the forum and the main site (legitimately with a warranty) for about $120/yr, so it's pretty minimal in the grand scheme of things for a company like PGMusic, which is what the original thread was about.


Yeah I can see that you and I are at different ends of the spectrum. When I use shared hosting for myself or my clients I would not hesitate to use Let's Encrypt for an info site. But if I was managing my own servers I'd probably choose to go the route you describe.

Regarding PGM they already have a secure cert for pgmusic.com so it would only take a few hours to convert all of the absolute references from http to https. You could probably do it even faster with a little redirect trickery! There is no reason for them not to fix this right away and avoid the possibility of losing even a single prospective customer.

Previous Thread
Next Thread
Go To
Page 1 of 2 1 2

Link Copied to Clipboard
ChatPG

Ask sales and support questions about Band-in-a-Box using natural language.

ChatPG's knowledge base includes the full Band-in-a-Box User Manual and sales information from the website.

PG Music News
Band-in-a-Box® 2024 Review: 4.75 out of 5 Stars!

If you're looking for a in-depth review of the newest Band-in-a-Box® 2024 for Windows version, you'll definitely find it with Sound-Guy's latest review, Band-in-a-Box® 2024 for Windows Review: Incredible new capabilities to experiment, compose, arrange and mix songs.

A few excerpts:
"The Tracks view is possibly the single most powerful addition in 2024 and opens up a new way to edit and generate accompaniments. Combined with the new MultiPicker Library Window, it makes BIAB nearly perfect as an 'intelligent' composer/arranger program."

"MIDI SuperTracks partial generation showing six variations – each time the section is generated it can be instantly auditioned, re-generated or backed out to a previous generation – and you can do this with any track type. This is MAJOR! This takes musical experimentation and honing an arrangement to a new level, and faster than ever."

"Band in a Box continues to be an expansive musical tool-set for both novice and experienced musicians to experiment, compose, arrange and mix songs, as well as an extensive educational resource. It is huge, with hundreds of functions, more than any one person is likely to ever use. Yet, so is any DAW that I have used. BIAB can do some things that no DAW does, and this year BIAB has more DAW-like functions than ever."

Happy Easter! Holiday Hours...

2024 is well underway - it's already Easter Weekend!

Our Customer Service hours this weekend are:

Friday, March 29: 8-4
Saturday, March 30: 8-4
Sunday, March 31: closed

Regular hours resume Monday, April 1st - no joke!

Convenient Ways to Listen to Band-in-a-Box® Songs Created by Program Users!

The User Showcase Forum is an excellent place to share your Band-in-a-Box® songs and listen to songs other program users are creating!

There are other places you can listen to these songs too! Visit our User Showcase page to sort by genre, artist (forum name), song title, and date - each listing will direct you to the forum post for that song.

If you'd rather listen to these songs in one place, head to our Band-in-a-Box® Radio, where you'll have the option to select the genre playlist for your listening pleasure. This page has SoundCloud built in, so it won't redirect you. We've also added the link to the Artists SoundCloud page here, and a link to their forum post.

We hope you find some inspiration from this amazing collection of User Showcase Songs!

Congratulations to the 2023 User Showcase Award Winners!

We've just announced the 2023 User Showcase Award Winners!

There are 45 winners, each receiving a Band-in-a-Box 2024 UltraPAK! Read the official announcement to see if you've won.

Our User Showcase Forum receives more than 50 posts per day, with people sharing their Band-in-a-Box songs and providing feedback for other songs posted.

Thank you to everyone who has contributed!

Video: Volume Automation in Band-in-a-Box® 2024 for Windows®

We've created a video to help you learn more about the Volume Automation options in Band-in-a-Box® 2024 for Windows.

Band-in-a-Box® 2024: Volume Automation

www.pgmusic.com/manuals/bbw2024full/chapter11.htm#volume-automation

Video: Audio Input Monitoring with Band-in-a-Box® 2024 for Windows®

We've created this short video to explain Audio Input Monitoring within Band-in-a-Box® 2024, and included some tips & troubleshooting details too!

Band-in-a-Box® 2024: Audio Input Monitoring

3:17: Tips
5:10: Troubleshooting

www.pgmusic.com/manuals/bbw2024full/chapter11.htm#audio-input-monitoring

Video: Enhanced Melodists in Band-in-a-Box® 2024 for Windows®!

We've enhanced the Melodists feature included in Band-in-a-Box® 2024 for Windows!

Access the Melodist feature by pressing F7 in the program to open the new MultiPicker Library and locate the [Melodist] tab.

You can now generate a melody on any track in the program - very handy! Plus, you select how much of the melody you want generated - specify a range, or apply it to the whole track.

See the Melodist in action with our video, Band-in-a-Box® 2024: The Melodist Window.

Learn even more about the enhancements to the Melodist feature in Band-in-a-Box® 2024 for Windows at www.pgmusic.com/manuals/bbw2024upgrade/chapter3.htm#enhanced-melodist

Forum Statistics
Forums66
Topics81,397
Posts732,529
Members38,442
Most Online2,537
Jan 19th, 2020
Newest Members
danielsk, Mark Morgan, zagrajbarke, Ernest J, Izzy
38,442 Registered Users
Top Posters(30 Days)
MarioD 200
Al-David 124
DC Ron 115
dcuny 87
rsdean 85
Today's Birthdays
(charlie), WobblyGstring
Powered by UBB.threads™ PHP Forum Software 7.7.5