I just want you all to know that I was completely correct about DDO, the warnings are back.

Author: RationalMadman ,

Topic's posts

Posts in total: 50
  • RationalMadman
    RationalMadman avatar
    Debates: 283
    Forum posts: 8,651
    10
    10
    11
    RationalMadman avatar
    RationalMadman

    If you genuinely trust this website, you have no idea what has happened, they have new anonymous owners. Juggle is dead as a corporation. It is a phishing site, they are garnering data on you, DO NOT THINK FOR A SINGLE SECOND your PMs are not being read by the people behind it!

    It is absolutely exposed, it has certified its own HTTPS via an account it bought on Amazon. Chrome and Firefox both noticed this.

    To get this error message, insist to your browser it goes to the HTTPS (not HTTP) version and have good settings on your browser. 
  • Ramshutu
    Ramshutu avatar
    Debates: 42
    Forum posts: 1,725
    6
    8
    10
    Ramshutu avatar
    Ramshutu
    Bahahahahahahah


    “Firefox does not trust this site, as it uses a certificate that is not valid for “debate.org”. The certificate is only valid for “*.debate.org”



  • RationalMadman
    RationalMadman avatar
    Debates: 283
    Forum posts: 8,651
    10
    10
    11
    RationalMadman avatar
    RationalMadman
    It is a phishing method it has used to get Amazon to certify it. It has certified its own HTTPS via some means it has purchased on Amazon. The domain of the HTTPS certificate is apparently owned by and unique to debate.org itself. That is why both Firefox and Chrome are noticing it. I also noticed it is doing a redirect before you hit the main website that is running javascript but it is so instantaneous, you can't notice it. If you visit pages on DDO (not the main site itself) from google searches or via some links on it, it will actually try redirecting you elsewhere than DDO but then back onto the real page.

    There is something very shady going on and the anonymous owners of DDO are clearly in on it.

  • RationalMadman
    RationalMadman avatar
    Debates: 283
    Forum posts: 8,651
    10
    10
    11
    RationalMadman avatar
    RationalMadman
    The certificate that DDO is using is not a trusted one that any other website than itself uses to validate its legtitmate encryption and ownership.
  • Ramshutu
    Ramshutu avatar
    Debates: 42
    Forum posts: 1,725
    6
    8
    10
    Ramshutu avatar
    Ramshutu
    No it means you don’t understand what you’re looking at:

    an SSL test for www.debate.org is fine:


    An SSL test for “debate.org” fails because the domain is *.debate.org; which doesn’t match the domain pattern.


    Tracert online says that they resolve to the same IP address:

    (check it here)


    So no, what you’re saying is untrue - the certificate passes an ssl test, the certificate search is just being confused by the lack of a “www.” - if you type in “www.debate.org” it will be fine. 


  • Ramshutu
    Ramshutu avatar
    Debates: 42
    Forum posts: 1,725
    6
    8
    10
    Ramshutu avatar
    Ramshutu
    So please stop making things up that you obviously don’t know about - as you the things you’ve said clearly show you’re ignorant of the technology
  • RationalMadman
    RationalMadman avatar
    Debates: 283
    Forum posts: 8,651
    10
    10
    11
    RationalMadman avatar
    RationalMadman
    Stop talking to me like I'm your fucking underling who is a piece of dirt to smirk at and humiliate even when I am trying to warn people not to go on a dangerous competitor of this website that may get their login details if they use the same password as here etc.

    I am not interested in your putrid tone and attitude, go and talk to your reflection like that. I am here warning people. Tell me, who owns DDO?


    The registrant of DDO ownership is clickablenames.com. This is not a case of them 'selling it to Juggle' like we were told, they have owned it the entire time and are only interested in generating revenue from superficial activity rates and the garnering of user data. What they then do with that data, no one knows. They clearly are not just interested in 'clickable names' they never actually sold the true domain of the website since 2015. From 28th July 2015, Juggle clearly sold the site back to Clickable Names (which makes sense, it was when Juggle suddenly began updating nothing on the website at all and it was hard to get Airmax to explain why). From that point forth it has been run by either neglectful or abusive owners that have enabled adspam bots that were advertising pirated content download links on a high-ranking website, and in turn enjoyed the activity-rate superficially going up. Shortly after the attacks, they qualified for a big sale to an advertising company and if you visit the website without adblock of any kind, it's jampacked with endless ads not just at the bottom but throughout (trip-links are coming soon probably etc, making it hard not to click an ad while you're there).

    They got their own HTTPS registered, unique to themselves. This means they themselves certify that they are running a legitimate website with no leaks of data or shady shit going on in the behind-the-scenes coding and security of the database. They even ban my HTTPS Everywhere app from using public domain means of certifying a website in the most basic way via SSL encryption, it has "Let's Encrypt" free certificate available for any website that applies to it and/or enables it.

    You do not know these things, so whatever. Just keep preaching. DDO literally only allows the encryption of data and tunneling of website navigation to happen via its self-certified HTTPS, it actively is banning other, willing/free means of encrypting it.
  • RationalMadman
    RationalMadman avatar
    Debates: 283
    Forum posts: 8,651
    10
    10
    11
    RationalMadman avatar
    RationalMadman
    This app is more reliable than Chrome and Mozilla put together, it is a socialist concept of making HTTPS available to websites that don't even want to pay for the certificate. 

    Chrome and Mozilla both support the means it uses to deal with websites where the certificate is invalid. Look at the sponsors of the 'Let's Encrypt' certificate: https://letsencrypt.org

    The extension I use is this: https://www.eff.org/https-everywhere

    HTTPS Everywhere is produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by using clever technology to rewrite requests to these sites to HTTPS

  • TheRealNihilist
    TheRealNihilist avatar
    Debates: 44
    Forum posts: 4,888
    4
    8
    11
    TheRealNihilist avatar
    TheRealNihilist
    --> @bsh1
    Look at what he is doing.

    He is spreading false information that can lead to harm. 

    This 100% falls under excessive trolling.



  • RationalMadman
    RationalMadman avatar
    Debates: 283
    Forum posts: 8,651
    10
    10
    11
    RationalMadman avatar
    RationalMadman
    --> @bsh1 @TheRealNihilist
    Show me the false information I have spread.
  • TheRealNihilist
    TheRealNihilist avatar
    Debates: 44
    Forum posts: 4,888
    4
    8
    11
    TheRealNihilist avatar
    TheRealNihilist
    @RM

    Ramshutu has already. I have. bsh1 has. Heck it would be difficult to find active users who can't find false information you spread that doesn't lead to a negative response. This is also excessive.

    Actually addressing what you said instead of demonstrating the same deceny you showed to me, this forum post. Like I said earlier Ramshutu already has before and here.



  • RationalMadman
    RationalMadman avatar
    Debates: 283
    Forum posts: 8,651
    10
    10
    11
    RationalMadman avatar
    RationalMadman
    --> @TheRealNihilist
    In this thread, would you care to show me the false information I have spread?
  • TheRealNihilist
    TheRealNihilist avatar
    Debates: 44
    Forum posts: 4,888
    4
    8
    11
    TheRealNihilist avatar
    TheRealNihilist
    @RM

    Someone more intelligent on this subject has done so. If you actually care about the truth you should ask him instead of asking a spectator. You would get a better response from Ramshutu.

    Just see post #2 to find out what is wrong. There are other posts as well but that is blatant but like always you brain goes numb or something whenever a person demonstrates you are wrong.

  • RationalMadman
    RationalMadman avatar
    Debates: 283
    Forum posts: 8,651
    10
    10
    11
    RationalMadman avatar
    RationalMadman
    I see Post 2. It disproved nothing I said whatsoever.
  • RationalMadman
    RationalMadman avatar
    Debates: 283
    Forum posts: 8,651
    10
    10
    11
    RationalMadman avatar
    RationalMadman
    You are just here to taunt and bully me.
  • SupaDudz
    SupaDudz avatar
    Debates: 28
    Forum posts: 10,198
    5
    8
    11
    SupaDudz avatar
    SupaDudz
    I don't think RM is wrong, but I don't think he is right.

    debate.org is not going to fuck up your computer do anything like that. but i have noticed significant lower performance on computer with tab open. you can still go in, but it is pretty annoying
  • Ramshutu
    Ramshutu avatar
    Debates: 42
    Forum posts: 1,725
    6
    8
    10
    Ramshutu avatar
    Ramshutu
    “It is a phishing method it has used to get Amazon to certify it.”

    False #47: it’s just the formatting of the domain. The certification is completely valid when you assess the actual certificate

    “It has certified its own HTTPS”

    False #48: you can have a certificate certify itself - but that shows up in the certificate as the certifying authority would be itself - this certificate clearly shows it’s been certified by amazon.

    “via some means it has purchased on Amazon.”

    False #49: You can only purchase a certificate for your domain: and the fact that they own a “*.debate.org” domain certificate, and own the “debate.org” domain - there’s literally nothing wrong with the certificate

    “The domain of the HTTPS certificate is apparently owned by and unique to debate.org itself. That is why both Firefox and Chrome are noticing it.”

    False #50: they are noticing it because “debate.org” does not match the expression “*.debate.org” (but www.debate.org does)

    “I also noticed it is doing a redirect before you hit the main website that is running javascript but it is so instantaneous, you can't notice it.”

    False #51: No it doesn’t. Your browser would be the thing doing the redirection, and it wouldn’t be instantaneous. You can also pull only the page source from debate.org via non-browser means and it shows the plane old site.

    “If you visit pages on DDO (not the main site itself) from google searches or via some links on it, it will actually try redirecting you elsewhere than DDO but then back onto the real page.”

    False #52: nope, again the site doesn’t redirect you - your browser does - it isn’t instantaneous and you would be able to tell. 

    You’re possibly confused with the information about external look ups. Debate.org will report its looking up other external servers and transferring information - this is what happens when you load ads.

    “There is something very shady going on and the anonymous owners of DDO are clearly in on it.”

    False: #53: again, no. This is just a trivial issue with expressions.

  • Ramshutu
    Ramshutu avatar
    Debates: 42
    Forum posts: 1,725
    6
    8
    10
    Ramshutu avatar
    Ramshutu
    I see Post 2. It disproved nothing I said whatsoever.
    I provided an eternal website that provides an SSL scan of debate.org and www.debate.org in Post #5 - this shows the certificate is fine; there’s just a minor discrepancy - normally certificates cover “domain.com” and “*.domain.com.


    Like I said - show the certificate error when you enter www.debate.org

  • crossed
    crossed avatar
    Debates: 56
    Forum posts: 498
    1
    2
    6
    crossed avatar
    crossed
    Anyway i am glad that the site would not let me publish debates now. I hope they never install the social credit score thing.
  • crossed
    crossed avatar
    Debates: 56
    Forum posts: 498
    1
    2
    6
    crossed avatar
    crossed
    Social credit is the final nail in this whole plot. Everything that they have done is so the can bring in social credit system like they have in china
  • RationalMadman
    RationalMadman avatar
    Debates: 283
    Forum posts: 8,651
    10
    10
    11
    RationalMadman avatar
    RationalMadman
    DDO isn't going to fuck up your computer, Dudz, it's going to spy on you and use your data for nefarious purposes, especially if your username, email and password have any connection elsewhere on the Internet as on DDO. It's owned by completely corrupt adscam click-count-faking artists who get ad revenue and tax write-offs and who knows what else, considering that they were complicit with pirted advertising.
  • Ramshutu
    Ramshutu avatar
    Debates: 42
    Forum posts: 1,725
    6
    8
    10
    Ramshutu avatar
    Ramshutu
    “The registrant of DDO ownership is clickablenames.com. This is not a case of them 'selling it to Juggle' like we were told, they have owned it the entire time and are only interested in generating revenue from superficial activity rates and the garnering of user data.”

    False #54: Clickablenames.com is juggle.  (http://www.juggle.com

    So yes, the site was sold to juggle.

    “From that point forth it has been run by either neglectful or abusive owners that have enabled adspam bots”

    False #55: neglectful yes, abusive? Huh?

    Your whole premise is that people want your data and ad revenue - but enabled the very things that drive users off the site? This makes no sense.

    “They got their own HTTPS registered, unique to themselves. This means they themselvescertify that they are running a legitimate website with no leaks of data or shady shit going on in the behind-the-scenes coding and security of the database.”

    False #56: their certificate is certified by AWS, the SSL scan link clearly shows the certificate tracking back to its certifying authority origin.

    “They even ban my HTTPS Everywhere app from using public domain means of certifying a website in the most basic way via SSL encryption, it has "Let's Encrypt" free certificate available for any website that applies to it and/or enables it.”

    False #57. Again in your https everywhere, the link is https://debate.org - which likely fails for the same reason as the other examples

    False #58: https everywhere prevents http examples of website links and content being loaded, by changing the loaded page code to use https instead of http where it’s used. HTTPS doesn’t use “public domain means” of certifying a website through a public free certificate - this isn’t how certificate works.

    To prove who they say they are a website must have a validate certificate issued by a trustworthy authority loaded and receivable upon an SSL request - HTTPS won’t circumvent that process as it defeats the entire purpose of having https security in the first place by bypassing the certification process.

    False #59: When a page is requested from a server, it returns page source which is then loaded and viewed by the browser; plugins have access to this and can modify or adjusts the page source as needed. The website cannot “ban” HTTPS from doing anything, because the website can’t know that it’s even there, there are things that it may not support so that requests https everywhere makes are simply unsupported, but that doesn’t appear to be the case here.

    “You do not know these things, so whatever.”

    False #60: I am a principle software engineer. Among my networking expertise and have designed software to work in distributed industrial network products; one of the major products was a massively distributed set of industrial products where the physical devices are all over the world; and have to be operated securely from a single location.

    I’ve also had the head of IT come round to me asking WTF i was doing to the network no less than 4 times during testing. 

    “DDO literally only allows the encryption of data and tunneling of website navigation to happen via its self-certified HTTPS”

    False #61. “Tunneling of website navigation” is a meaningless term that makes no technical sense. This like in some Hollywood film where a hacker “reconfigures the ports to allow sockets to tunnel directly through the DNS to the mainframe.”

    False #62: the certificate is certified by amazon; the issuing authority is the one that signs it

    “it actively is banning other, willing/free means of encrypting it.”

    False #63:as explained, that’s not how free certificates work.

    False #64: certificates are not anything to do with encryption, a https site provides a public key that the ssl layer on the client will use to encrypt data and send it back - only someone with the associated private key can decrypt it. Certificates are a mechanism relayed to proving the ownership of the public key - a lack of a certificate or faulty certificate means the site can’t prove its ownership of the public key - data sent to it is still encrypted.

    False #65: again, ddo can’t “actively ban” a plug-in, that’s not how they works

  • RationalMadman
    RationalMadman avatar
    Debates: 283
    Forum posts: 8,651
    10
    10
    11
    RationalMadman avatar
    RationalMadman
    Tell me, why does Juggle have no HTTPS version? did you know it will cut your connection to it if you try to go to the HTTPS version?

    That is some shady shit.
  • RationalMadman
    RationalMadman avatar
    Debates: 283
    Forum posts: 8,651
    10
    10
    11
    RationalMadman avatar
    RationalMadman
    They are actively disallowing HTTPS on their main domain, I never said plugin, they do disable any form of HTTPS other than their Amazon thing on the "www." version of the domain only. That's sly, scam artist shit just like it's always been.

    They are dirty and I always fucking knew it. It's a shell company, probably for either a group of nefarious people having a tax write-off or a government agency spying no people of strange views.
  • RationalMadman
    RationalMadman avatar
    Debates: 283
    Forum posts: 8,651
    10
    10
    11
    RationalMadman avatar
    RationalMadman
    I used TOR Browser to access it. These fuckers are quoting Sun Tzu in their homepage, they are no doubt about it experienced at what they are doing.