Ski Website Security 2018 - How Secure are your favourite websites?

Ski Website Security 2018 - How Secure are your favourite websites?
Started by Admin in Ski Chatter
Login
To Create or Answer a Topic

Latest images on this Topic...

22-May
Admin
Are the websites you use secure? (and why does it matter?)

With the GDPR deadline looming, and online security and privacy in the news, it's time to take our regular look at the security (or otherwise!) of the top skiing websites.



Summary

Ranked from most secure, to least (i.e. NOT secure), the most popular Ski Websites (with their security grading) are :-

- A+ J2Ski at https://www.j2ski.com/ (yes, we care about your data!)
- A Crystal Ski at https://www.crystalski.co.uk/
- A Iglu at https://www.igluski.com/
- A OnTheSnow at https://www.onthesnow.com/
- A Snow-Forecast at https://www.snow-forecast.com/
- B Ski Solutions at https://www.skisolutions.com/
- C SkiClub GB at https://www.skiclub.co.uk/
- F Snowheads at http://snowheads.com/


Why Does It Matter?

If a website is not secure, then your personal information - including your password and any details you enter or store on that website - is at risk.

And if the connection is not secure (does not use https, or is mis-configured) your data is at risk not just from someone hacking that website, but every time you browse it. An insecure website gets sent your data (and your password) in plain text all the way from your browser (your PC or phone).

Your data can be stolen, relatively easily, by anyone able to get between you and that website...


How likely is that - really?

If you use a public Wifi service (or a poorly secured private one!) to login to an insecure website, then anyone else using that Wifi may be able (with the right software) to see your password. And if your name, email address, passport details, whatevever are on that website then they can help themselves to those too.

Not wishing to make you paranoid, but see Mr. Scumbag sitting in the corner of the coffee shop with his laptop? Yeah, him; he's just grabbed your password, logged in to get your email, name and address and right now he's filling out a loan application in your name... and if you used the same password on your Amazon account... he's having a party!

And if one of the administrators of your favourite insecure website is in the coffee shop, Mr. Scumbag just got his password too; and now he's logged in and is scooping up everyone's data.


GDPR

The GDPR (General Data Protection Regulation) comes into force on the 25th May and "requires personal data to be processed in a manner that ensures its security". Insecure websites will clearly fail this requirement and not be GDPR-compliant.


How Can I Tell if my connection to a Website is Secure?

Check the icon or text on your browser's address bar, next to the website address. A green padlock and/or the word "Secure" and you're good to go; an exclamation mark and/or the phrase "Not Secure" and you're not!


This Year's Results

Once again, we've used the comprehensive tool at SSL Labs to check these websites. You can run these tests yourself, or check any other website you use, by going to https://www.ssllabs.com/ssltest/


Top Of The Class

Best of the bunch, with secure connections and a secure up-to-date technology platform, scoring A or A+ are :-
SSL Labs wrote:J2Ski "Secure" - Graded A+ - https://www.ssllabs.com/ssltest/analyze.html?d=www.j2ski.com

SSL Labs wrote:Crystal "Secure" - Graded A - https://www.ssllabs.com/ssltest/analyze.html?d=crystalski.co.uk

SSL Labs wrote:Iglu "Secure" - Graded A - https://www.ssllabs.com/ssltest/analyze.html?d=igluski.com

SSL Labs wrote:On The Snow "Secure" - Graded A - https://www.ssllabs.com/ssltest/analyze.html?d=onthesnow.com

SSL Labs wrote:Snow Forecast "Secure" - Graded A - https://www.ssllabs.com/ssltest/analyze.html?d=snow-forecast.com



Could do Better

Secure, but not as secure as they could be (outdated, badly configured or compromised platform), scoring B or C are :-
SSL Labs wrote:Ski Solutions - Graded B - https://www.ssllabs.com/ssltest/analyze.html?d=skisolutions.com

SSL Labs wrote:Ski Club GB "Vulnerable" - Graded C - https://www.ssllabs.com/ssltest/analyze.html?d=skiclub.co.uk



Hall Of Shame

Insecure connections (all your data are belong to... anyone who wants it) and insecure websites :-
SSL Labs wrote:Snowheads "Not Secure" - Graded F - https://www.ssllabs.com/ssltest/analyze.html?d=snowheads.com



If there are any other Ski Websites you'd like to see added to this list (i.e. the ones we test each year) then let us know with a reply here...

Keep it secret, keep it safe...
The Admin Man

Not a Member?

FREE Snow Reports by e-mail.

Save on Ski Hire

Save up to 50%

+5% for 4+ Ski Packs

+10% for 10+ Ski Packs

Discount Ski Hire

7th day Free on selected dates

SkiSet

Sponsored Links

Sponsored Links

  Search Hotels

Flachau Hotels
Location
Arrival
Departure

 Lift Pass Deals 
on Chalets & Apartments
 where available

Please Share if you like this page

Forum Listing Key

Unread Post
Hot Topic
Sticky (important)
Announcement

The views and opinions presented in the J2Ski Forums are solely those of their respective authors and do not represent those of J2Ski Ltd. Objectionable Content may be notified by sending a Private Message to Admin.

J2Ski logo

Search
J2Ski

Snow Reports
by eMail