Think bots shitted up my thread - just looking for a second opinion.
Short version: made a post describing SSL being intentionally backdoored, explained ramifications for most VPNs, and related. Went well for a bit, then this guy shows up, and then this guy, and within a minute, my submission had 6 downvotes, and most of my comments did too (some of those downvotes have been removed - at one point, all of my existing comments had -6).
Those two posts then gained 12 upvotes, also in the span of a minute. Two of those guys were aged accounts.
@jwolfsen
Member for: 1.1 years CCP 73
Top comment: She can "fix him"
3/4 of his first page of comments are all one-liners, the remainder are only 2 sentences. Literally never posted anything of substance.
@SarcasmIsHateCrime
Member for 4.6 hours CCP 5
This guy's first post was in my thread. He literally created an account to shit up my thread.
@ChiComs
Member for 7 days
Literally bragging about shilling his way up to 134 CCP in less than 16 hours in this post once @Epictetus_Hierapolis tried to out him as a shill Image backup
@zatoichi69
Member for 3 months
This is another aged account - last post was over a month ago.
Had +5 | -0 ccp when he entered my thread. Literally gained the ability to downvote in my thread when the other bots brigaded him.
zatoichi69 ago
Why do I have to defend myself from insecure dickheads all the time??
zatoichi69 ago
The fuck you are, nigger. I've been personally approached by bots, so fuck your little nigger cock, dude.
SearchVoatBot ago
This submission was linked from this v/QRV submission.
Posted automatically (#9992) by the SearchVoat.co Cross-Link Bot. You can suppress these notifications by appending a forward-slash(/) to your Voat link. More information here.
zatoichi69 ago
Oh my, this is funny. Someone disagrees, must be bots/shills.. Dunno what to tell ya man. You're right that i've never contributed anything of substance as it's a lot of work and I think one has to do their due dilligence before posting as to not mislead people. Too much work so I'm not really that inclined to make lengthy posts. Kinda ironic that this is probably my longest post.
Anyways, joined the site over three years ago but deleted the account as i got into details which revealed my country of origin. And it's not a big country.
ChiComs ago
His alarmism is fine, and made me waste hours trying to educate others, but the MITM situation is being addressed for top 500 web destinations soon by all the major browsers, and enforced the first day of march 2020. Meanwhile a VPN service , a good one, prevent MITM fully for https in a convoluted but sound way and cannot be exploited.
alele-opathic is a butt-hurt moron trying to play "Internet Expert' and accusing all his engineering superiors of being jew shills and Qoomers. Really both arose in this thread (which he will delete or sneak edit)
Womb_Raider ago
Those are all SBBH accounts. @freshmeat look at this post
15123120? ago
You need to grow up and start thinking for yourself, child.
ChiComs ago
For Jeeebus christ! This is ChiComs, the +3 year old goat with a new name every 6 months.
You mixed up so many terms regarding SSL and HTTPS and even what VPN services fundamentally offer and do that people all realized you were pretending to play "internet expert"
I merely took the time to hand create a VERY VERY detailed post on why your post was partly "FUD" :
https://en.wikipedia.org/wiki/Fear,_uncertainty_and_doubt
I REPLIED :
https://voat.co/v/whatever/2855102/15054379
And 12 people upvoated it and your feelings got hurt! I did not attack you or even highlight your errors in my post, I merely informed people.
Go ahead read it : https://voat.co/v/whatever/2855102/15054379
And then you wrote like a low IQ retard :
Bwahhh hah hahhh! THAT is your technical critique of my very very detailed educated reply to you ?
That is indicative of your insane butt-hurt.
Admit you are wrong like a real man , and move on. I have no time to teach you internet protocols or how SSL works in HTTPs and normal VPN services.
And my post was jam packed with 100% factual information, and you , like a low IQ shill, claimed my post disproving you was all nonsense word salad! hah!
Now you want to crybaby to people here?
alele-opathic ago
Your so full of shit. None of us sound like that. Your posts are all in the qCumber style and no old goat says that shit. I'd know.
Your post had no substance or detail in it. I left it be, as everyone can see it as it is. You started your post by claiming that some website could detect a MITM, which by default is false (you can only detect imperfect MITMs), and you should know this - it's literally in the paper you linked in your edit.
You then claimed:
Which is demonstrably false, and there are links all in my OP and comment replies that substantiate this. Your claim was substantiated by nothing.
Again, in qCumber style, and also easily proven false. Verisign has been MITMing SSL since the early 2000s, and this is well documented.
There is nothing else to your post. You spend 2000 characters building a strawman, also in typical qCumber style, which was false on it's basis. You provided literally no evidence to refute my post, and, given that my post was getting an average of about 1 view per minute, you gained 12 upvotes in less than a minute. You literally fail the sniff test at every turn.
>>>reddit
ChiComs ago
"Your so full of shit" should be "You're" or "You are".
I stopped reading after that first line, I am sincere. That is all I read. I am not kidding, I truly mean I stopped reading.
A wayward "Your" is indicative of low caffeine or low intellect. In your case, though even I type with no autospell enabled due to my personality, I would not type a wayward "Your" as you did, for fear of looking uneducated. All your other misinformation on how end-to-end HTTPS over VPNs work (too lengthy to educate you here) made me and others realize that sadly, you are not worthy of debating with directly because of something referred to as the "intellectual chasm" popularized by Leta Hollingworth.
Leta Hollingworth 100 years ago noted that +/- 2 standard deviations of IQ difference between two individuals made proper communication difficult or impossible because the higher IQ person will look like an incomprehensible nerd and the lower IQ as a moronic dullard – and they will not find anything common.
You ALREADY ceded that exact point when you claimed my 100% factual post provoked you to rebut in total "His post is word salad and makes no sense"
I now know that we are at a permanent impasse because it could take years to educate you enough for you to know all the technical errors you made and keep assuming, and the ramifications.
Like a low IQ dullard, you call all your mental superiors names, such as qCumber, etc.
Parts of my words were for a wide variety of scenarios, including if false root CAs on machine vs missing root CAs. End to end RFC 2246 SSL X.509 certificate chain is secure if the browser maintains a padlock and the topmost and bottommost certificate are known valid, snd topmost is stored on your machine already or in your browser.. A VPN has no bearing on HTTPs fundamentally because it is merely a transit across a SSL protected stream, if a normal VPN. Your solution just puts trust in a foreign agents cert database and delivers certs through an allegedly secure side channel to your machine, yet that service itself can just as easily be compromised as a total "all byte" bad actor controlling all bytes, all packets in and out of your machine. A browser such as Safari is allowed to cache and store prior "Public-Key-Pins header" emitted in some large websites that let users know immediately that there is a NEW man in the middle that week. The problem is that the MITM would strip or rewrite PKP, plus most node.js packages for http and https full web servers dont even normally promote that idea, and it can cause stale issues without using two certs allowing a time window to roll out new certs every 2 years without users being locked out. Apple is ABOUT to lay the banhammer down on the entire internet in 2019 and force not just strong SSL, but go apeshit if an iphone, ipad, or mac connects to a MITM or no SSL web site. I am not kidding here is a release from the press this month : https://webkit.org/blog/8462/deprecation-of-legacy-tls-1-0-and-1-1-versions/
only TLS 1.2 SSL in https in 2019 and in March 2020 Apple said NO WAY FOR USER TO CONNECT AT ALL using an apple brand browser, or Firefox, Chrome, or IE on that month.
More amusing, Apple et al will be caching not only root CAs on machines but cashing non-revoked famous certs for all popular web destinations (facebook , instagram, reddit, twitter, ebay, amazon, etc etc) with no way in hell to do a MITM attack at all starting in 2019, so long as the apple machine is not tamperred with or hacked. end to end ssl with no MITM, expect for state level actors (NSA) being able to possibly resign and break the stream via having all keys end to end somehow.
Anyway, all my words go over your head so I don't know why i bother replying to your troll attempts.
Apple (the stewards of Webkit used in Chrome and Safari and other browsers) revealed
Womb_Raider ago
You say he’s trolling but you ignore his entire comment due to a singular grammatical error? SBBH is whack. He makes your argument look weak so you ignore his argument and attack grammar. Priceless.
ChiComs ago
I cannot talk with him because his knowledge of the topic is so meager and uninformed, I decided to address merely one remaining point that OTHERS also pointed out, namely that he does not know how typical VPN services cannot be MITM attacked , and that reply was made moments after your grammar comment. I did not respond to his other new 4 errors but focused on the VPN stream. That helpful guidance from me, as charity, is here in this thread adjacent to your remarks : https://voat.co/v/AskVoat/2856048/15069743
he did not make my argument look weak. I doubt he can EVER find a single tech error in ANYTHING I ever wrote, and he never has yet.
When he types nonsense and errors and I dont reply it does not make me look weak! Its root cause is the the "intellectual chasm" popularized by Leta Hollingworth. He continually states he cannot understand me.
SearchVoatBot ago
This comment was linked from this v/whatever comment by @alele-opathic.
Posted automatically (#9805) by the SearchVoat.co Cross-Link Bot. You can suppress these notifications by appending a forward-slash(/) to your Voat link. More information here.
alele-opathic ago
lmfao
I'm smelling a jew.
The largest VPNs use SSL to auth, and HTTPS is over SSL. Any vulnerability that compromises SSL compromises HTTPS as well, as I literally explained in my OP, but you are too retarded to into basic reading comprehension.
Does this even need a response? This isn't even wrong - this is retarded.
ChiComs ago
BwaHHHH HAH HAH HAH!!!!!!
A REAL VPN always includes a key certificate for the user endpoint in the software installer to prevent any man in the middle!!!!!!!!!!
You erroneously wrote like a retard :
HAH!
I've been configuring secure VPNs for two decades, prior to SSL they even used generated "preshared keys", hand installed from the admin or in the configured deployment package for your team members. the most modern VPN installer packages create a generated key per user for the installer in case a laptop is stolen so that no edge is gleaned cracking the other team members codes.
GOOD FUCKING luck breaking that with man in the middle, einstein.
The signed and downloaded apps on app stores also come with the public side of a ssl key for all the hand held vpns! Totally secure!
GOOD FUCKING luck breaking Apple iTunes encryption and store infiltration, r Google Play Store signatures, with man in the middle, einstein.
the more you talk about VPN the more apparent you know nothing about any internet protocols.
Where are you learning your misinformation when preshared keys are being used?
WHO THE FUCK erroneously upvoats his proven MISTAKES!?
Do You even the basics of what a VPN really does?!
Not that it matters a lot, but of course the data leaving the VPN front facing point to the internet can be attacked by man in the middle once it is deencrypted back to its stream, and if the stream is HTTPS , the VPN software is allowed to overwatch these two things :
1 > DNS lookups if you are letting DNS flow through the VPN, to see the name you think you are trying to go to
2> Any initial port 443 ssl handshakes, they are opaque but the vpn company can twin a second request and use THAT same port in second near-simultaneous lookup to do a certificate analysis, and the VPN service remotely can see if a man in the middle is being attempted at that ip address and port for your assumed DNS domain target (in 2018 some ips have multihomed certs and domains). If so, it can sever your inecure connection and even block the last part of the handshake... delaying it from completion PRIOR to sending it through until it completes its own certificate chain search. It can use multiple points of presence across the globe to probe and cache proper ssl certificates.
TL/DR: alele-opathic IS A KNOW-NOTHING wanna-be IT wire wiggler who is trying to play the role of big boy "internet expert" and does not know how stupid he sometimes looks to real engineers!