Total posts: 2,768
Posted in:
When you connect to https:// debate.org the browser tells you that it is a phishing site trying to steal your passwords and credit card details.You just linked to a phishing website because you think it's not a scam that it bans https on its main domain, but only enables it on https://www.debate.org
False #74: You keep confusing certificates with encryption. Debate.org doesn’t “ban https on its main domain” you can tell because it has https in the title when you view the website. A certificate error doesn’t mean your data isn’t being encrypted
False #75: Debate.org and ww.debate.org are the same server. We’ve talked about this - phishing is when you mimic another website - a website mimics itself to steal the passwords you would have typed in to the site anyway is just nonsensical mumbo jumbo.
This is literally just a trivial minor screw up in the certificate and nothing more. Stop scaring people with your ridiculous, ignorant technobabble.
False #76: I do not “think” it is not a scam - it’s not a scam. The public key is a trusted key with a valid certificate that has a trivial naming issue in the domain name of the certificate. The site securely uses https regardless of how you access it, and everything’s going to the same server and domain owned by juggle and confirmed by the certificate.
Moreover - your description of phishing makes literally no technical sense at all. If another site was pretending to be debate.org - that would be phishing and detectable (and isn’t happening). You’re claiming the website is trying to phish itself - which makes no sense ; that the “hackers” spent a substantial amount of money to buy a legitimate DV certificate but “forgot” to get the domain root - which makes no sense; and the whole reason they did this is to impersonate their own site (which makes no sense); and to steal your data and passwords - which would have literally nothing to do with usage of ssl or certificates anyways.
I don't know how many more ways you want to be wrong; but things you’ve said make it obvious that you are completely ignorant of how the technology works, how hackers and hacking works - but yet apparently feel qualified to keep making the claims no matter how you’re being schooled.
Created:
Posted in:
Ramshutu was correct about the www. vs non-www thing.
True.
Everything else I said is overall true.
False #70: As covered above, almost everything you have said has been factually incorrect.
They are a phishing site run by sinister individuals and force you to opt-out of HTTPS if you use 'debate.org' instead of 'www.' version.
False #71: Again, not correct: A phishing site is typically one that pretends to be another site in order to steal log on credentials from a real site. The claim that it debate.org is a phishing site set up to steal log in details from itself, makes no sense.
False #72: You cannot “opt out” of https, when you connect to https://debate.org - you are connecting via https. The clue is in the https part of the URL. The connection is using https and encrypted. Please stop inventing this nonsense claim - if you were not connecting via https, it would show “http://“ all that is happening is that the way your browser and your plugins are checking the certificate and domain against the certificate causes one to not match, and the other to match - as they are being overly semantic due to the way the DVSSL cert wildcard is being checked.. SSL certificate checks confirm that the certificate is completely valid, and there is nothing suspicious going on other than that the certificate doesn’t cover the root domain.
False #73: RM has yet to provide any evidence other than completely inaccurate and false technical reasoning as to how he knows the site is run by sinister individuals. The site is simply not being maintained.
Created:
Posted in:
-->
@crossed
You keep using this word. I do not think it means what you think it means.This proves they are all part of the occult.
Created:
Posted in:
“They are actively disallowing HTTPS on their main domain, I never said plugin, they do disable any form of HTTPS other than their Amazon thing on the "www." version of the domain only. That's sly, scam artist shit just like it's always been.”
False #66: false. They aren’t “actively disallowing https”, they simply are running a server that hasn’t installed https. Https is a functional element of the server, it’s not something that all servers support by default, and it has to be turned off.
False #67:sly? What? That claim is a stupid claim. The debate.org domain spent money on a certificate that authenticated *.debate.org” - thus debate.org and www.debate.org depending on how your browser compares domaines are both valid and authentic websites. “Debate.org” and “www.debate.org” resolve via dns to the same ip address - so are the same physical server. There is no phishing going on.
False #68: you seem to imply that “www.debate.org” is encrypted whilst “debate.org” is not. That’s utter nonsense. Both are fully encrypted - only one domain doesn’t match that of the certificate if you’re overly semantic when checking the domain name.
“They are dirty and I always fucking knew it. It's a shell company, probably for either a group of nefarious people having a tax write-off or a government agency spying no people of strange views.”
False #69:this is completely made up, there is no evidence or justification for this claim, and thus far nothing you’ve said even illustrates anything shady is going on; despite your litany of false claims on the matter.
Created:
Posted in:
Tell me, why does Juggle have no HTTPS version? did you know it will cut your connection to it if you try to go to the HTTPS version?That is some shady shit.
Because the site has no advertising, is 3-4 years since it has been updated, doesn’t have any log in, private data or need for secure connection and they probably didn’t want to bother with the hassle.
Created:
Posted in:
“The registrant of DDO ownership is clickablenames.com. This is not a case of them 'selling it to Juggle' like we were told, they have owned it the entire time and are only interested in generating revenue from superficial activity rates and the garnering of user data.”
False #54: Clickablenames.com is juggle. (http://www.juggle.com)
So yes, the site was sold to juggle.
“From that point forth it has been run by either neglectful or abusive owners that have enabled adspam bots”
False #55: neglectful yes, abusive? Huh?
Your whole premise is that people want your data and ad revenue - but enabled the very things that drive users off the site? This makes no sense.
“They got their own HTTPS registered, unique to themselves. This means they themselvescertify that they are running a legitimate website with no leaks of data or shady shit going on in the behind-the-scenes coding and security of the database.”
False #56: their certificate is certified by AWS, the SSL scan link clearly shows the certificate tracking back to its certifying authority origin.
“They even ban my HTTPS Everywhere app from using public domain means of certifying a website in the most basic way via SSL encryption, it has "Let's Encrypt" free certificate available for any website that applies to it and/or enables it.”
False #57. Again in your https everywhere, the link is https://debate.org - which likely fails for the same reason as the other examples
False #58: https everywhere prevents http examples of website links and content being loaded, by changing the loaded page code to use https instead of http where it’s used. HTTPS doesn’t use “public domain means” of certifying a website through a public free certificate - this isn’t how certificate works.
To prove who they say they are a website must have a validate certificate issued by a trustworthy authority loaded and receivable upon an SSL request - HTTPS won’t circumvent that process as it defeats the entire purpose of having https security in the first place by bypassing the certification process.
False #59: When a page is requested from a server, it returns page source which is then loaded and viewed by the browser; plugins have access to this and can modify or adjusts the page source as needed. The website cannot “ban” HTTPS from doing anything, because the website can’t know that it’s even there, there are things that it may not support so that requests https everywhere makes are simply unsupported, but that doesn’t appear to be the case here.
“You do not know these things, so whatever.”
False #60: I am a principle software engineer. Among my networking expertise and have designed software to work in distributed industrial network products; one of the major products was a massively distributed set of industrial products where the physical devices are all over the world; and have to be operated securely from a single location.
I’ve also had the head of IT come round to me asking WTF i was doing to the network no less than 4 times during testing.
“DDO literally only allows the encryption of data and tunneling of website navigation to happen via its self-certified HTTPS”
False #61. “Tunneling of website navigation” is a meaningless term that makes no technical sense. This like in some Hollywood film where a hacker “reconfigures the ports to allow sockets to tunnel directly through the DNS to the mainframe.”
False #62: the certificate is certified by amazon; the issuing authority is the one that signs it
“it actively is banning other, willing/free means of encrypting it.”
False #63:as explained, that’s not how free certificates work.
False #64: certificates are not anything to do with encryption, a https site provides a public key that the ssl layer on the client will use to encrypt data and send it back - only someone with the associated private key can decrypt it. Certificates are a mechanism relayed to proving the ownership of the public key - a lack of a certificate or faulty certificate means the site can’t prove its ownership of the public key - data sent to it is still encrypted.
False #65: again, ddo can’t “actively ban” a plug-in, that’s not how they works
Created:
Posted in:
I provided an eternal website that provides an SSL scan of debate.org and www.debate.org in Post #5 - this shows the certificate is fine; there’s just a minor discrepancy - normally certificates cover “domain.com” and “*.domain.com.I see Post 2. It disproved nothing I said whatsoever.
Like I said - show the certificate error when you enter www.debate.org
Created:
Posted in:
“It is a phishing method it has used to get Amazon to certify it.”
False #47: it’s just the formatting of the domain. The certification is completely valid when you assess the actual certificate
“It has certified its own HTTPS”
False #48: you can have a certificate certify itself - but that shows up in the certificate as the certifying authority would be itself - this certificate clearly shows it’s been certified by amazon.
“via some means it has purchased on Amazon.”
False #49: You can only purchase a certificate for your domain: and the fact that they own a “*.debate.org” domain certificate, and own the “debate.org” domain - there’s literally nothing wrong with the certificate
“The domain of the HTTPS certificate is apparently owned by and unique to debate.org itself. That is why both Firefox and Chrome are noticing it.”
False #50: they are noticing it because “debate.org” does not match the expression “*.debate.org” (but www.debate.org does)
“I also noticed it is doing a redirect before you hit the main website that is running javascript but it is so instantaneous, you can't notice it.”
False #51: No it doesn’t. Your browser would be the thing doing the redirection, and it wouldn’t be instantaneous. You can also pull only the page source from debate.org via non-browser means and it shows the plane old site.
“If you visit pages on DDO (not the main site itself) from google searches or via some links on it, it will actually try redirecting you elsewhere than DDO but then back onto the real page.”
False #52: nope, again the site doesn’t redirect you - your browser does - it isn’t instantaneous and you would be able to tell.
You’re possibly confused with the information about external look ups. Debate.org will report its looking up other external servers and transferring information - this is what happens when you load ads.
“There is something very shady going on and the anonymous owners of DDO are clearly in on it.”
False: #53: again, no. This is just a trivial issue with expressions.
Created:
Posted in:
So please stop making things up that you obviously don’t know about - as you the things you’ve said clearly show you’re ignorant of the technology
Created:
Posted in:
No it means you don’t understand what you’re looking at:
an SSL test for www.debate.org is fine:
An SSL test for “debate.org” fails because the domain is *.debate.org; which doesn’t match the domain pattern.
Tracert online says that they resolve to the same IP address:
(check it here)
So no, what you’re saying is untrue - the certificate passes an ssl test, the certificate search is just being confused by the lack of a “www.” - if you type in “www.debate.org” it will be fine.
Created:
Posted in:
Bahahahahahahah
“Firefox does not trust this site, as it uses a certificate that is not valid for “debate.org”. The certificate is only valid for “*.debate.org”
Try www.debate.org lol
Created:
Posted in:
The only time I recall you linking debates that should be deleted is here:
And those debates appear to have been deleted. So it seems your complaint is that moderation didn’t delete debates that were deleted.
Since then you’ve only linked and referenced debates where an opponent was banned after the debate started, which has been repeatedly explained isn’t the same issue.
Also; I think you’ve changed you argument on the second part; you went from accusing me of treating you like vermin and effectively making multiple egregious violations of the code of conduct; now you appear to just argue I sneer at you. Given that I’m British, the sneering thing is kinda genetic.
Created:
Posted in:
I have gone into depth on it before, would you like case study examples, such as deleting my debates for the exact reason that he didn't delete others as well as after the MEEP that officially enacted it as a rule, I reported the debates with banned users but no deletion occured?Would you like me to highlight how Ramshutu talks to me like a piece of fucking vermin, how people can call me vermin (rat) and if I were to speak in the same tone and style of taunting to them, I have extreme legal precedent to show I'd be banned for it?
1.) As has been repeatedly pointed out your debates were deleted as they were created by a permanently banned member. Other new debates were not deleted because they made by members that were banned after the debate was started. Different scenarios. Likewise, a multitude of other debates (including one of mine), were most assuredly deleted when determined they were created by permanently banned members. You’re mixing hotel different scenarios and conditions.
2.) Whole I most definitely talk down to you; most of what I say is limited to challenging the things you say, the claims you make, or ridiculing the false accusations that you continue to repeatedly and unceasingly level at me. Don’t confuse my repeatedly attacking and rejecting the things you say as “treating you like vermin.” Because frankly, aside from the occasional minor slip into the most trivial and low level insult, my posts are almost completely and exclusively dedicated to attacking the things you say - which get absolutely no protection.
3.) As mentioned, you repeatedly and unceasingly attack me here, on debates, in comments, on your votes; you’ve repeatedly challenged my integrity, called me out publicly in threads, in mediocre raps, sent me angry PMs, called me anti Semitic, repeatedly accused me of being someone else, claimed I have tried driving people to suicide, and threatened to doxx me multiple times; in a continued and repeated pattern of unceasing personal attacks. Your behaviour is borderline abuse and harassment which I tolerate mostly because I find it hilarious.
People in glass houses, counting a traveling display of priceless Ming vases, Chinese porcelain and containing the ancient mesoptomanian clay pottery, under priceless crystal chandeliers that illuminate priceless, but delicate sandalwood floor carvings between ancient Roman mosaic flooring; should not throw boulders using a trebuchet
Created:
Posted in:
False #46: I’m correcting and fact check the ridiculously false statements you’re making. It’s not like I’m, say, repeatedly calling you dishonest, questioning your ethics, accusing you of being someone else, accusing you of being secretly anti semitic, publicly threatening to doxx you, and calling you out with raps, debate rounds, debate comments, votes and in almost every post.
So again, there is sharp separation between your claims, and reality
You don't get moderator protection against people systematically proving you wrong. If you’re unwilling or unable to defend the claims you make, that’s on you - that you are unable to cope with of don’t like being proven wrong does not make it bullying.
Created:
Posted in:
I think the ban log should be tattooed on Bsh1s butt, which he must then have as is profile picture.
Created:
Posted in:
-->
@bmdrocks21
Because it’s the closest thing you can get to account deletion.
Created:
Posted in:
We have a van log that tells you why permanent bans were handed out.
”Bans by Request” mean the individual being banned has specifically asked for the ban
Created:
Posted in:
-->
@Speedrace
I turn notifications on :P
Created:
Posted in:
It’s not truth; almost everything you’ve said has been nonsensical falsehoods that have no basis in either technology or reality.
Created:
Posted in:
The one harming you is the one telling you to go to a shady website,
False: There is no evidence that the website is “shady” in any way - merely a bad website that isn’t being maintained.
Thats false fact #45 from you in this thread!
Created:
Posted in:
If it makes you feel like shit when someone points out all the false statements you’re making - probably a good idea to stop making false statements.
Created:
Posted in:
-->
@TheRealNihilist
Firstly yes, or the realistic probability that such a harm could occur.
The second part - is basically why I’m stating the details of why he is so blatantly wrong.
The action should match the level of harm, and I don’t think it warrants any other actions. The personal impact of being wrong and knowing it is likely punishment enough.
Created:
Posted in:
-->
@TheRealNihilist
Huh? I’m not sure what you’re trying to say
Created:
Posted in:
-->
@TheRealNihilist
While I think there’s potential for harm enough to warrant correction: It’s probably not sufficient to warrant formal sanction.
Created:
Posted in:
-->
@TheRealNihilist
Online safety, hacking and the spectre of identity and information theft is something that a lot of people are terrified of. If someone who is not fully aware of the issues or the technology reads RMs ignorant, made up nonsense and views it with any semblance of credibility - it has the possibility of causing a real person real stress and has the potential - however small - of them taking this disinformation and assuming they are safe online if they take steps RM has claimed is safe which are not.Why continue talking?
While RM is free to invent whatever ridiculous nonsense he chooses about unimportant things, such as my voting record, the nature of my debate wins, google ownership, etc: when these fabrications have the ability - however small - of actually harming people in real life, these claims have to be discredited for the nonsense they are with extreme prejudice.
Created:
Posted in:
The real question is why you get such a hardon from proving me wrong and making me feel shit beyond just the proving wrong, even when defending a website that's dangerous to use and I was doing my duty warning people. You are a sadistic bully out to get me, even at the sake of justice. If that wasn't your motive, you would have come in much more pleasant, agreed to avoid DDO while it is like it is, been confused that HTTPS is force turned-off and a redirect occurs by analysing the entry path using the developer panel/console and realised just how shady things are. Instead, you're nitpicking semantics, when it is blatant to everyone other than you that I fully understand what HTTPS is and don't need advice from someone who is only defending DDO for the rush of humiliating me.
You’re spreading false information. Information you’re literally making up. Information that is untrue, and that you’re mostly pulling out of your arse with no basis in fact. You don’t appear to have any knowledge of what certificates are, how they work, or about ssl in general.
You seem to have literally no clue how this stuff works; anyone who’s even read the wiki page for ssl knows what you’re saying is untrue. Yet; you’re trying to deceive, and disinform whoever you can with false information for whatever reason.
I will always challenge charlatans peddling poorly informed bullshit as you are doing. You’re not a trustworthy source here, you’re information and advice is about as reliable as your friends telling someone they can’t get pregnant if they f**k in the shower.
- DDO is a shithole ; but the now fixed certificate issue is likely only down to lack of maintenance rather than all the random halfcocked nonsense you have invented without any justification or evidence.
- force turned of HTTPS is called “http”, and the certificates would not apply (as http doesn’t have certificates)
- the same URL cannot redirect to https or http depending on how it’s clicked
- vaguely asserting nonsense about developer panels is hilarious, as it just gives you the public facing information of the webpage content that you’re viewing.
- telling everyone all the stuff you found in vague, generic terms with no specific claims just makes you sound like an ignorant fool who is making things up using meaningless technobabble.
- the repeated errors you’ve made in basic terminology show you are very good at telling people that you understand https, but do not actually know https.
You are spreading false information; and I will always challenge people who are intentionally and unintentionally lying and misinforming others.
Created:
Posted in:
They have still got the certificate with Amazon. It still works. They opt-out of it by default when you access the site normally and make it redirect through a very shady path that I won't go into because it's criminal to reveal the ins and outs of.
- They have their own certificate - it’s valid - and the certificate is used to prove the site is who it claims
- Their certificate is signed by Amazon, because the site is hosted virtually by amazon.
- you can’t “opt out” of certificate
- not having a valid certificate doesn’t give hackers any special access or information.
- if a link directs you to debate.org and you access a site via typing in debate.org they are loaded by your browser identically
- if hackers have access to the site, they don’t need any special certificate, phishing, etc: they already have all your information.
I’m genuinely interested now; why are you sitting here professing to know things, whilst it’s clear from what you’re talking about you don’t actually know how any of it works. Do you not realize your own profound ignorance? Or do you just not care?
Created:
Posted in:
-->
@Vader
If you want a musical reference that accurately reflects the adamant denial of reality in the face of objective facts that everyone can see:
“It wasn’t me”
Is probably more accurate!
Created:
Posted in:
So debate.org was purchased by hackers - but the domain owners haven’t changed hands, so they can use it to steal the very same information they already bought? Even though they own the website, they’re using it to phish users of the same website: but they forgot to install an intermediate certificate file which they would have been able to get with the site?
This is literally nonsense you pulled out of your butthole.
Created:
Posted in:
So the hackers gained access to all the information and copied debate.org to a different domain, then hacked the global DNS system to make it look like the same site - but forgot to copy a certificate: all in order to gain chess to the information they had at the start when they hacked the site? I
Created:
Posted in:
A compromised site is normally where hackers have gained access to the site’s data or are able to change or manipulate it.
Phishing is when another site impersonates another in order for you to enter your personal information.
If the site is compromised, phishing is largely irrelevant.
“Phishing redirects” are when you have a link that looks like it goes to one site, but actually goes to a different one because the text and
the content of a hyperlink can be different. When a site redirects you to another, it’s generally obvious (as that is all managed by your browser) and the http response from the server which has generally little knowledge of whether it was clicked via link or entered directly.
Created:
Posted in:
You don’t appear to know anything about SSL or how certificates work: as I covered.
The idea that typing “debate.org” into your web browser, will instigate a phishing redirect - but google does not - is literally one of the stupidest things you’ve ever said.
When you type that name into your browser; it looks up the IP address for that domain name with a third party; which is them interrogated, returns a https link which is then used to pull the website. When you look that same thing up from google; it does exactly the same thing.
The only thing you appear to be good at in this context, is shouting about how much you know, whilst getting almost every technical detail wrong.
But by all means explain how this magic phishing redirect attempt works. Lol.
The idea that typing “debate.org” into your web browser, will instigate a phishing redirect - but google does not - is literally one of the stupidest things you’ve ever said.
When you type that name into your browser; it looks up the IP address for that domain name with a third party; which is them interrogated, returns a https link which is then used to pull the website. When you look that same thing up from google; it does exactly the same thing.
The only thing you appear to be good at in this context, is shouting about how much you know, whilst getting almost every technical detail wrong.
But by all means explain how this magic phishing redirect attempt works. Lol.
Created:
Posted in:
And that is a lie. You are experiencing a phishing redirect when you access it raw but the Google search result takes you straigh tot the HTTPS version. This is only experienced when there is phishing actively attempted.
Yeah non of that is actually true. Phishing redirects don’t work like that, and you appear to be just making stuff up. You clearly have no knowledge or idea how this technology works.
Created:
Posted in:
I know how HTTPS works, DDO has theirs with Amazon but it's not activating at all unless you go via the google search result of DDO.
If you knew how HTTPS works you would know:
- You don’t “have” https with someone
- A third party can’t “activate” https.
- Amazon is the signer of the certificate for DDO, probably because of virtual hosting
- certificates dont get “activated” either.
- accessing the same site from a google link, and direct has no difference in https or certification.
Created:
Posted in:
then tell me why when you go via google search the https works properly but when you go to the website fresh it forced unencrypted middleman reroute to you? I know why, I want to know if you do.
It sure as sh*t isn’t because google are establishing some weird encrypted tunnel lol.
SSL works between your client browser, and the site: third parties aren’t involved in the encryption. The site has a public key, you encrypt it: send it to the server - and provided that no one has the private key, no one else can read it.
Google can’t create a tunnel between you and debate.org, lol; that literally defeats one of the primary purposes of having all in the first place. At best, you send it to google, google sends it to the server - and they both get access to your unencrypted information.
You’re also very incorrect when you imply that the site can see your passwords now; that’s another lol for ignorance. The site - and any site - can pretty much see any data you transmit. This post is being encrypted, sent to dart, and the content read and parsed before being entered into a database: mike can probably see it all.
This is his your passwords can be stolen - even though the site has https - some store your unencrypted passwords...
The digital certificate is just a digitally signed set of information from which you can tell if the website issuing you the SSL public key matches the information held by a trust worthy third party issuing organization.
In this case, the certificate information all matches up with the website, the domain isn’t being spoofed, and the issue appears to be related to intermediate server certificates; which need to be installed on the server, and updated if the website hosting is substantially moved about. (Debate.org isn’t a single physical server - it is most likely a virtual server - which requires additional intermediate certificate information.
If the certificates aren’t installed (and you rely on some auto update mechanism) because, say, you’re not updating the website, then the information in you’re certificates will all check out, but you may have this sort of mismatching certificate error like this.
Almost all browsers do certificate checking. This is responsible for the “get me out of here!” Screen; and if you have a plug-in that performs more detailed information, you’re probably just seeing the results of the server being out of date.
Why do you see something different when you click a link via google vs direct : if it loads in something like amp; google may load the page content for you, giving the appearance that your using googles ssl- but if you log in, you’re still sending the information to the real server.
Without knowing more information about context, or the plugin or the various scenarios, hard to say for certain other than you’re making up 85% of the stuff you’re saying.
Sure as hell isn’t google setting up a magic pipe to debate.org - because ssl doesn’t work like that.
“trust me on this, there is a dangerous thing happening when you open the website, there is a layer of coding before it appears to you.”
The website is still owned by the same people, the SSL certificate is still valid and points to debate.org - though an intermediate is screwed - it still has the same 10 years of content present. It’s the same site, same owner.
The Snowden leaks that the CIA and NSA can get everything they need from you, and bypass SSL by using man in the middle attacks - which doesn’t show up as certificate errors.
If hackers wanted your data - it’s still in the site; they can just pull it from the database. If hackers wanted your passwords, they would have installed the SSL Certificate they appear to have paid for properly, and just Hoover up each log in without any plug-ins showing a problem.
Anyone with a cursory understanding of ssl, certificates and how they work, appreciates that most of what you’re saying is just made up nonsense that makes no sense.
However I applaud the way you excuse confidence whilst telling everyone the stuff you just made up is true.
The Snowden leaks that the CIA and NSA can get everything they need from you, and bypass SSL by using man in the middle attacks - which doesn’t show up as certificate errors.
If hackers wanted your data - it’s still in the site; they can just pull it from the database. If hackers wanted your passwords, they would have installed the SSL Certificate they appear to have paid for properly, and just Hoover up each log in without any plug-ins showing a problem.
Anyone with a cursory understanding of ssl, certificates and how they work, appreciates that most of what you’re saying is just made up nonsense that makes no sense.
However I applaud the way you excuse confidence whilst telling everyone the stuff you just made up is true.
Created:
Posted in:
That’s not how SSL works. Like... at all.Ddo is a fake mimic of its former self. This is official, based on HTTPS certification. It has lost its legitimacy but if you by Google search of the website, Google forces a HTTPS tunnel and itself encrypts things for you in thw session. This is not going to help for long but temporarily is saving the website's integrity. Do not sign in or trust it!!!!
Created:
Posted in:
-->
@Dr.Franklin
There’s no shame in not knowing; a lot of what is happening on DDO is just the inherent behaviour of a site that isn’t being maintained.
Stuff will break, come back: and it will look like the site was fixed : in reality it’s a problem with a third party library linked in that breaks - and then gets fixed later by a third party.
Take the SSL stuff, there’s a whole lot of stuff you need to keep up to date for SSL, some you can do automatically, but if you don’t keep your certificates up to date or something gets moved onto different hosts: your certificates are mostly valid, but out of date. Browsers won’t report this as it’s not a big problem, but security plugins or SSL scans will pick it up.
It’s nothing to do with scamming as the main host name still matches, only an intermediary (likely because the intermediate host changed). This is only a problem if someone is using a sported certificate to impersonate a legit site, but given that debate.org still has the full content - that’s clearly not the case, they just haven’t updated their certificate.
If hackers had control of debate.org, and wanted your passwords - for whatever nonsense reason; they could just update the SSL, and read the password being sent. Just because the data transmitted is SSL doesn’t mean the implementation of the website can’t see what you send.
Created:
Posted in:
-->
@Dr.Franklin
Oh, and ignore genius boy/chicken little - the site’s intermediate SSL certificate is out of date - probably because no ones updated it.
Created:
Posted in:
-->
@Dr.Franklin
Copyright notices are often autogenerated.
Created:
Posted in:
-->
@Dr.Franklin
By who? The owning company that no longer exists, the registrant company that no longer exists, or the new subsuming company that does something completely different, has likely written off the site for tax purposes and likely probably doesn't even know the site exists?
Created:
Posted in:
-->
@Dr.Franklin
No one at DDO fixed anything. The site isn’t being updated at all.
A third party library site probably went down for a while.
Created: