With the launch of his new paywalled website, couldn't help but noticing the concern some turdites had over the non-secure state of the website. A few commenters wanting to pony up their credit card details noticed there was no encryption on the new site, but Turd had 'talked with his tech people' and announced that there was nothing wrong with the security and that the digital certificate was working [link].
Since this is my area of expertise, I thought I would take a look. Basically Turd is Right and Wrong at the same time - this is normal in the world of technology, where many layers of complexity exist.
Here's how it works:
- The site is currently accessible under both http and https. At time of writing, the advertised link is http://www.turdtalksmetals.com/ which will take you to the site, but only using normal http (non-secured, running over port 80, for those technically inclined).
- If he had advertised it as https://www.turdtalksmetals.com/ then that address (same site) uses encryption, and the digital certificate is fine (session is viewed using Secure Socket Layer over port 443).
- His techies will have tested out the https link, and reported back to him that the digital certificate working fine. So they are right, and he is right, but for anyone using the link he provided in the post, Turd is wrong, and from their perspective his statements above can be proven wrong. His tech people for the new site (which isn't the Shimshock group) forgot to force security so that the login and credit card pages could only be viewed using SSL. They also failed to realise that Turd may have advertised the non-secure link.
- It's really a end-user psychology issue, not a technical one, since the NSA's super computers can decrypt your encrypted internet stream in realtime anyway, if they really had the desire to.
This is all easily fixed - for example all Turd needs to do is update the link, and some people will be a bit more relieved. Or make the registration page SSL only, or whatever. What I'm interested in, is that it is possible to be both wrong and right at the same time, depending on what perspective the observer has. In addition, it's not possible to be an expert in all areas so Turd had to consult the secure status issue to his subject-matter-experts who got it wrong because their field of assessment was from a limited perspective. It could be argued that Turd may potentially have the same approach with his silver-side analysis (relying on experts who don't themselves have the full picture), but I don't think that's a fair conflation since tech stuff really is quite complicated, and any commercial website launch will always have teething problems. But it's valid to say that the complexity of the modern metals markets are also underestimated ... perhaps two different observers can study a topic like manipulation and both come up with the wrong interpretation because they both don't have the full picture. Daily life has lots of these situations and to migitate potential errors, we typically defer that kind of assessment to the experts, and trust that those sources:
- Aren't playing you and your audience by feeding you deliberately wrong, partial or biased information.
- Have proven to have a breadth and depth of knowledge in their subject.