What Happened to "Record Seek"?
I have joyfully used Record Seek in the past to link a record found on Ancestry, or other websites to all the individuals in Family Search on that record.
Starting yesterday, when I click on Record Seek, I get this:
Has Record Seek been hacked? Is it safe to use? It was a very convenient way to attach links.
Does anyone have an opinion about what is going on or if there is a solution?
Their security certificate expired on Christmas. That is what this message is about.0
All standard encryption certificates come with an expiration date, after which the certificate is no longer valid and cannot be used. So when you try to go to a page on a site who's encryption certificate has expired, that is the type of message you get. Any URL on that site with the secured "https:" prefix will not work and you will have no encryption.
However, some sites might allow you to access them unencrypted (e.g., using the "http:" prefix) if you choose to. However, since encryption is basically turned off, your communication with that site is open to hacking.
In any event, recordseek.com does NOT allow any access other than "https:" access since they use the HSTS (HTTP Strict Transport Security) security policy.
Until they get their Certifying Authority to update their encryption certificate, NOBODY can access the recordseek.com domain.
Someone probably just forgot about it. When they get a flood of customers notifying them that something is wrong, it will likely take at least two or three days to get their certificate updated.0
I also have used recordseek... Although I don't remember getting a message like this while using it, I have gotten this message before for other things... usually after something has happened with my wifi or after adding a new device... I usually just click on through lol... Obviously I wouldn't advise doing that but I haven't had any issues by doing so0
Boy, I hope they are able to fix it. I tried googling Record Seek to ask them and the same scary notice came up! Guess I'll just wait and see what happens and in the meantime create my own sources in source box with a link to the website.0
I would not panic too much ...
Every now and them, I get the same "Message" (not all the time; but, just every now and then), with the "Irish" Government website of "Irish Genealogy".
After all, it is the "Christmas"/"New Year" Period ... give it some time.
Hopefully, they will get around to it ...
Thank you @JeffWiseman JeffWiseman !!0
Thank you both for responding.
How do we "flood" them to notify them? I don't know how to access them if I can't get on recordseek.com.
Their website has this contact info:
Yea, the RecordSeek Community on Facebook already has a report and one "me too" on the security errors from 2 days ago (i.e., Dec 27. Their certificate expired on the 26th).
Remember, it's not just that the tool doesn't work, it's their entire web site that nobody can access. So I'm sure they will soon know about it and will resolve.
Or you could send an email to their support desk that Amy provided.
If you just can't wait, you could always set you PC's clock back to Christmas day (i.e., before the certificate expired). However you can get into other problems doing that so I suggest we just wait unless someone with a FB account can add additional notices about the certificate 😊0
Thank you, this is great that you know what is going on. I appreciate all the responses!0
By the way, just for future reference, almost all organizations with websites on the Internet now use these encryption certificates for security. They always come with expiry dates and must be renewed on a regular basis. When site management forgets this, you will get this same situation occurring there as well.
For example, the community.familysearch.org website that you are currently looking at these discussions on has a certificate that expires on August 5, 2021. Accessing the FSFT on the www.familysearch.org website uses a different certificate that will expire August 13, 2021.
A few years back it was mainly financial institutions such as banks that used these but they have quickly become commonplace. When you see the little lock icon, it means that you are communicating with that site's URL in an encrypted fashion using that organization's encryption certificate public keys. Anything encrypted using that organization's certificate's public keys cannot be decrypted by anyone else. Only the organization holding that certificate which is locked to their website can decrypt your messages to them.
With the exception of the little lock icon and the security messages that your browser may present when something is questionable (in this case an expired certificate), all of this technology is typically hidden from the folks that are using it.0
You can still access RecordSeek. On the "Your connection isn't private" screen, click on "Advanced." Next click on "Continue to recordseek.com (unsafe)." This takes you to the RecordSeek home page. You just have to decide if you want to access the site while the site has no valid security certificate.0
I'm running macOS Sierra with current versions of both Safari and Firefox. Although I remember some time in the past being allowed past those screens as you suggested, now neither of them provide that capability. I know that both Safari and Firefox have been getting stricter with security so this may be a result of that.
Did you actually try it? It may be PS/browser specific or they have set all pages to https: only.0