mers2
Premium,MVM
join:2004-03-20
USA
clubs:
 ·AT&T U-Verse
| reply to Tordurbar
Re: The certificate industry marketing game
Obviously, many of us disagree with you on Comodo riding both sides of the security fence with the certs. But there are still too many instances of Comodo not being ethical in other matters that I won't be using Comodo until they have a proven track record correcting that. Not to mention, personally I believe OA has a better firewall. |
|
Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
| said by mers2  :Obviously, many of us disagree with you on Comodo riding both sides of the security fence with the certs. But there are still too many instances of Comodo not being ethical in other matters that I won't be using Comodo until they have a proven track record correcting that. Not to mention, personally I believe OA has a better firewall. You forgot to mention that Tall Emu/OA have also the better business practise when we look at ethics and moral. »onlinearmorpersonalfirewall.blog···rly.html 
--
Smokey's Security Forums »www.smokey-services.eu/forums/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals |
|
hayc59
VoodooChild
Premium
join:2001-02-26
David R.I.P.
1 edit | reply to hayc59
Re: Comodo Continues to Damage It's Reputation
Melih Responds To Mike Burgess's Blog
on a little bit o' problem..;)
moving in the right direction...maybe maybe not---NOT 
»msmvps.com/blogs/hostsnews/archi···234.aspx |
|
rcdailey
Dragoonfly
Premium
join:2005-03-29
Rialto, CA | So he's saying, in effect, if we don't do it, someone else will. How lame is that?
--
In reality, there is no such thing as a clean human being. |
|
Tordurbar
join:2009-07-12
| reply to hayc59
Re: Comodo Continues to Damage It's Reputation
@ mvdu,
quote - "Right on; there IS no defense of Comodo IMO. Either have a better system for checking certs in place or get out of the security business."
As has been explained repeatedly, There Is a better system in place, It is EV.
If you require a third party's verification as to the "Who" you are dealing with,
you should look for it.
Use it.
Promote it.
Educate users.
Until it's shown to be broken or subject to abuse, it's the best we've got.
@ Trust me,
quote - "Or go and make cars for Ford"
It seems that no matter who they would build cars for, or how well they were built.
Their detractors would say they were crap because Comodo let them down in their
fantasy role as Universal SSL Cyber Police, Sworn to enforce some level of Trust that
never existed, but for in some misguided minds.
@ mers2
I agree that we disagree on the "riding both sides of the security fence" issue.
I have to respect your choice to not use their software based on your own opinion of
"not being ethical in other matters" where you find offense.
Good choice of firewall, we can all rest assured that both of our firewalls perform well.
@ SmokeyBear,
Yes, even to this day.
Ask and anyone that enters into a business arrangement with them seems to get painted with a scarlet letter in punishment, for an ill conceived distribution deal gone wrong,in their past.
Which for some irreparably damaged their reputation. Apparently forever.
It's just a search engine. With a marketing team trying to get "out there".
Great movie line "while we may not be done with the past, the past is done with us."
@ hayc59,
Stay tuned.
@ rcdailey,
Yea man, The truth is so lame.
@ mele20
Gotta give it up for Ford, the fiscally responsible corporate entity.
I submit for all,
If Comodo alone were to implement a higher standard for DV certs, or just shut down entirely.
The void would be filled in literally minutes and you would see Zero difference from the status quo.
So what are the haters real motives?
Here, I said stay tuned. Lukewarm off the presses.
Hater's Epic Fail sooooooooo funny!
»https://forums.comodo.com/feedbackcommen···sg313321 |
|
hayc59
VoodooChild
Premium
join:2001-02-26
David R.I.P. | reply to hayc59
Actually we and everyone online really
know who/whom the fools are! That is hot off the press!
Donna does know her stuff rather well and Melih
is getting very tired of back peddleing |
|
ashrc4
join:2009-02-06
australia
1 edit | reply to Tordurbar
said by Tordurbar :DV Certs Do Not Imply Trust. They provide a means of encrypting traffic. Browsers 101 - What does that Padlock mean? Answer - You have established an encrypted connection, Period. It is someones fantasy that it means anything more, Period. When the padlock came onto the scene it was purpose was to curtail some security issues. One of them was to provide better security by means of encrytion.
It was also pushed in the media to do buisness with those that adopted/used this method than not. The good name of those that supported it's use and fought for it's inclusion also at it's conception had hoped that it might be implimented responsibly.
This implimentation also was a sign of faith that those company's that chose to adopt it's use were infact being responsible in the security of there business. A company that chose to mitigate the potential of a third party to defraud it's customers and the banks was given a higher association of trust or at least that was the intention.
We certainly have come along way since then haven't we.
If Melih had just come out and publicly stated the below quote from the beginning (in regards to the cert issues) then gone on to re-establish it's responsibilty in-regards to future direction of cert developement. Then we would have had an informitive insight to the issues at had.
Unfortunatley he continues to treat the issues as a platform for further attacks on those that wish to call for such.
The CERT business is not just about issuing an encription method for the general public but a means of establishing a more secure method to protect banks web buisnesses the public goverments and all forms of commerce.
After seeing the carry-on from the Comodo camp in regards to future development on this issue a i sincerly hope they no longer continue to have influence in this respect. Or perhaps remove the heretics.
If this is a fantasy of mine thankfully i'm not alone.
Quote from Melih .......""Yes, we can revoke a cert whenever we want. But more importantly we have a high standard of checks & balances to make sure we do not issue certificates to bad sites in the first place."
"The system we have in place automatically rejects obviously fraudulent sites and kicks anything questionable to a manual approval. And if anyone flags a site as malicious, we have a team that investigates these and revokes the certificate if found to be malicious/fraudulent."
"For GeoTrust and RapidSSL we have the ability to revoke a cert issued to a malicious or rogue site instantaneously. The cert will then show up on our CRLs immediately."
--
It's one thing to be sure of yourself. It's another to confuse people. If they weren't related to each other we wouldn't have a problem;~) |
|
danny9
Go Ahead, Make My Day
Premium
join:2002-07-14
Clinton Township, MI
clubs:
 ·VoicePulse
 ·Comcast
| reply to Tordurbar
"I submit for all,
If Comodo alone were to implement a higher standard for DV certs, or just shut down entirely.
The void would be filled in literally minutes and you would see Zero difference from the status quo.
So what are the haters real motives?"
First, "The void would be filled........"
It probably would but not by comodo who's first priority should be only security. Maybe some people would actually start to trust you again.
Or is it really someone else would be making the money?
Second, .."the haters real motives?"
Let me clarify this again as I stated earlier.
I do not hate comodo but find your actions unethical for a security co.
Are you saying I'm a liar?
Or are you a parrot and repeating what you are told to say?
You seem to run in more circles then a dog chasing his tail.
--
"In times of universal deceit, telling the truth becomes a revolutionary act.."
George Orwell |
|
mers2
Premium,MVM
join:2004-03-20
USA
clubs:
·AT&T U-Verse
| reply to Tordurbar
For it being such a trivial matter and simply a bunch of "Comodo haters" putting the software down - you seem to invest an awful lot of time in trying to argue Comodo's case. As far as I can tell, it's your only purpose for being here. Too bad Melih doesn't invest as much time and effort restoring the credibility of his company. |
|
mers2
Premium,MVM
join:2004-03-20
USA
clubs:
·AT&T U-Verse
1 edit | reply to Smokey Bear
Re: The certificate industry marketing game
said by Smokey Bear :said by mers2 :Obviously, many of us disagree with you on Comodo riding both sides of the security fence with the certs. But there are still too many instances of Comodo not being ethical in other matters that I won't be using Comodo until they have a proven track record correcting that. Not to mention, personally I believe OA has a better firewall. You forgot to mention that Tall Emu/OA have also the better business practise when we look at ethics and moral. » onlinearmorpersonalfirewall.blog···rly.html Actually, I did mention it in one of my posts. It's one of the 2 primary reasons I run OA - it works and it's owner is ethical. Dynamite combo.
Edited to add quote "Edited to add quote "I use OA firewall, which works and the maker has shown himself trustworthy and ethical." from »Re: Comodo Continues to Damage It's Reputation
--
"The best proof there is intelligent life in outer space is the fact it hasn't come here." Arthur C. Clark 1917-2008
Team Discovery
|
|
Cudni
La Merma - Vigilado
Premium,MVM
join:2003-12-20
Someshire
| reply to Tordurbar
Re: Comodo Continues to Damage It's Reputation
said by Tordurbar :So what are the haters real motives? Here, I said stay tuned. Lukewarm off the presses. Hater's Epic Fail sooooooooo funny! Throughout your contribution on this site so far, what do you think you are achieving by the use of confrontational, adversarial and derogatory remarks. Will it bring goodwill to Comodo or further drag it through the mud ? What is the purpose of perpetuating this sense of siege mentality, of them against us? You are not doing Comodo cause any favours but if that is what you set out to do then you have succeeded.
Cudni
--
"what we know we know the same, what we don't know, we don't know it differently."
Help yourself so God can help you.
Microsoft MVP, 2006 - 2009 |
|
Tordurbar
join:2009-07-12
| reply to hayc59
Ok,
@ hayc59
quote - "Actually we and everyone online really
know who/whom the fools are!"
Define we?
Everyone online? - fairly grandiose delusion.
who/whom the fools really are! - Yes, and it becomes clearer with each misguided blog posting.
At least to those thinking with their rational parts.
I know my stuff too, apparently better.
@ asherc4
Massive misquote there.
You quoted Melih's quote of Donna's post of what Verisign said.
Only moments later to be embarrassed by them replacing the rogue sites cert
that Comodo had just pulled.
Although I agree, in an ideal world with out those who would abuse the system.
The good old pad lock could have somehow been taken differently.
Other CA's, not Comodo introduced DV certs to the marketplace.
There went any credibility the padlock had, other than to verify an encrypted connection.
In my view - The Pros
- Encryption is readily available to the masses, cheap.
- Business wise a good $ move for the CA's. they opened up a huge new market.
- Because this move blew the lid off whatever trust people thought they had in the padlock.
We now have a new level of Trust in the who/encryption/page validity available, in the form of EV certs. Costly in comparison but there are real checks involved.
It could be a win win if some bloggers could accept the new reality.
Our innocence won't be restored no matter how many times we click our heels or how hard we wish.
Why instead do they single out Comodo from all the CA's and try to hold their feet to the fire, for certs that imply no more than encryption/valid domain, the bad guys are the bad guys in this.
The refrain is that Comodo is in the security business and should not endanger users by issuing DV certs to rogue sites.
Newsflash - Comodo is first and foremost a CA and as such DV certs are dispensed in similar fashion to all other CA's.
That's no excuse for rogues, and like all the other CA's they will pull bad guys DV certs when properly notified.
They give away a wide range of free security software, and offer some paid services in support of this.
This is establishing a web presence.
Because their Free software is really quite decent, they have stepped on a lot of toes, loads of hard feelings to go around.
I'm positive there's none of that at play with any of these actors though.
The Cons
- Obviously first and foremost given the new reality. Due to ease of access. Bad actors can get DV certs, and drivers licenses and credit cards and cell phones and ISP's and Domain Hosts and whatever else they want, pretty much. Hello real world.
So the brainwave solution is to attack Comodo, come on price yourself out of the market, unilaterally raise the bar on getting a DV cert, come on bleed money for the good guys, take one for the team and go out of business.
Where as one of, or all of the above taking place would not change the cyber landscape 1 iota.
The better solution is to educate users on the new reality.
Use your Blog-o-powers to teach, rather than to tear down.
Though I guess even fabricated controversy is good for the hit count/fame. Hmmm.
@ danny9
I threw hater's out there as a generality, in reference to the hater's, it is freely anyone's choice to feel included or excluded from this group, based on their own sensibilities.
@ mers2
My time is mine to spend.
My only purpose for being here is that this thread and several like it, as well as a couple of blogs from where this crud stems, have seriously offended my sense of logic, and irked the hell out of my sense of right and wrong.
I do in fact devote a great deal of my time to helping others, and here is where I happen to have chosen to deal with my pain, re: the misguided borderline slanderous crud.
@ Cudni
I know you don't know me by this handle.
Please accept my apology for attitude, I'll work on it if further posts become necessary. |
|
hayc59
VoodooChild
Premium
join:2001-02-26
David R.I.P.
| reply to hayc59
@
Tordurbar
Oh you amuse me to the fullest
@
Tordurbar
Why do all you fan boys go to the hater part?
and after reading your little comment about MVP's
which was brought to my attention, what ever sense I thought you had is now gone!! and I do know your other usernames! thanks for stopping in...you have become reduntent
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security 2007-09
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget |
|
SnowyOne
Premium
join:2003-04-05
Kailua, HI
·RoadRunner Cable
 ·Clearwire Wireless
| reply to Tordurbar
said by Tordurbar :and like all the other CA's they will pull bad guys DV certs when properly notified. Ole!Ole!Ole! |
|
Tordurbar
join:2009-07-12
| reply to hayc59
I am indeed happy that I have given you the gift of joy.
If I had not used the word hater, or made the MVP quip.
Would we not still have ended up here, with you calling me fan boi.
In the face of facts, logic, and the reality on the ground. |
|
hayc59
VoodooChild
Premium
join:2001-02-26
David R.I.P. | reply to hayc59
Actually you have tried to turn this from an educational
thread to another joke by Melihs F.B's and I for one do not appreciate it at all!! |
|
SnowyOne
Premium
join:2003-04-05
Kailua, HI
·RoadRunner Cable
·Clearwire Wireless
1 edit | reply to Tordurbar
said by Tordurbar :In the face of facts, logic, and the reality on the ground. I'm all for facts, logic & grounded logic reality.
said by Tordurbar :1. "I on the other hand believe that everyone has a right to privacy and security through encryption." 2. "DV certs are issued without checks. So again it really doesn't matter who has one, Do Not use it as an indicator of who or Trust." 3. "...and like all the other CA's they will pull bad guys DV certs when properly notified." It was only a matter of keeping you talkng long enough to get you contradicting yourself.
Why pull a sites cert if your quotes #1 & #2 are true? |
|
Tordurbar
join:2009-07-12 | Your kidding right?
Otherwise two words.
Obtuse and Grasping. |
|
SnowyOne
Premium
join:2003-04-05
Kailua, HI
·RoadRunner Cable
·Clearwire Wireless
| said by Tordurbar :Your kidding right? No, what do you find amusing about my post? |
|
