New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
no - its a Let's Encrypt what did you expect?
expected some reseller thingy going on
What?
Isn't virtualizor like 1-2$/month for a vps? Any cheaper would be less than PayPal fees.
Nops its 10$ for unlimited vps per month and 200$ one time payment. 1-2$ fee is for like 1 or two vps instances only.
https://virtualizor.com/pricing
NOC is even less, $7 for unlimited! Im not sure how much cheaper can Virtualizor even get.
Plenty of phishing sites use GoDaddy/comodo/other common cert provider here DV certs, which CA is being used shouldn't be on your criteria for whether or not something is legit.
DV proves ownership of the domain, not that the domain is used for legitimate purposes. OV is easily manipulated (register in a country the target isn't registered in), and EV doesn't add much value - 99+% of users won't see a difference (and wouldn't care if they did) between DV and EV. Even worse, if a user does see your org name in their browser and does care, if it is different to your brand name they are likely to read it as them being phished - where you aren't specifying your "doing business as" name as the org name - which is allowed, but almost nobody does.
Always make sure who you're dealing with is legit independently of the cert.
I do agree and my comment may have sounded like I based the whole thing off of the cert. Not to say there are many "fishy" sites with legitimate paid certs, my first impression of an already fishy looking site with a Let's Encrypt is not good.
Like I said, from a first impression if a business is not willing to spend an extra 5 minutes on a "business" cert and the site is already not looking legitimate then its a no.
What is a "business" cert and why is someone that relies on manual processes better than someone that relies on automation where they can and there's no compelling reason to stick with the manual process?
I agree that a dodgy looking site needs a very close look -- but I disagree that CA will give you any meaningful information re: whether they are legitimate.
You are asking questions people have been debating ever since LE came out. Simply put, when it comes to running a business LE does not carry the same level of trust as OV or EV. There is a reason for OV and EV to exist and maybe many online users won't even notice the difference, but to the people that know, its a big red flag.
The question was rhetorical - I'm making a point that there is no such thing as a "business" cert and that manual processes are generally more prone to error than automated processes.
People that know, should hopefully know OV is seriously flawed (though most won't) - nobody would know which is legit between say - Stewdetox Ltd and Stewdetox Gmbh. EV shares many of the same problems, costs a chunk, requires manual actions to verify and doesn't deliver value to your users.
tl;dr is you absolutely should not rely on certificates for checking someone's legitimacy.
If you need something cheap https://my.nexusbytes.com/cart.php?a=add&pid=117
Only requirement, you need atleast 1 active service with us. So why not simply host the master on a Sexy NB BM ?
But there is!
OV and EV are not "business" certs. What do you think is one?
That's what I meant. 1 vps node is 1$/mo. So you can install it on a big VPS node and use it for multiple lxc/kvm/vms.
>
Its literally in the name "Organization Validation"! But hey man, you do you.
"Organisation" being a very loose term. It absolutely does not definitively mean business - in any way. All it means is somewhere there is an organisation of some kind with that name. It doesn't mean it's the organisation the end user intended to contact, it doesn't mean it's a business.
As I said earlier, you can literally register a business / non profit / trading name / etc etc etc using a name already in use elsewhere and get an OV cert deceivingly similar to that name. It is completely feasible for phishing attacks to be mounted using OV certs - there's just a slightly higher barrier to entry for the scammer.
It should not be relied on.
Seems like a lot of these scammy licenses this year - cheap cPanel, cheap DirectAdmin, etc. Seen them everywhere.
I see they got Quadranet on the list of companies... Only thing that would make it more legit is the new Alpharacks remake lol.
I also noticed first off that the favico is the default Plesk one...
If you think an Organization certificate takes an extra 5 minutes, you're already unqualified to be having a serious conversation on the matter.
It still wouldn't solve the problem of "is this company legit?", because verification of an organization does not check their business legality, just that they are who they say they are.
What? Obviously not literally 5 minutes! But hey, you do you too...
Hi,
buyvirtualizor.com is not our customer and not in our partners list. They have copied our website and selling the fake licenses.
Please do not buy any such licenses from these kind of websites.
We will take actions regarding this website as well.