http://www.ttm2u.com/ AVOID

Status
Not open for further replies.
hooter1 said:
Also lets consider that if there were an order in the middle of process and that was the day the shit hit the fan, they may not have even gotten it. There a a few elements to an op such as these, without breaking it all down, we know there is a runner - (picks up money), and a money guy - (takes in money verifies order).  And the sad part to anyone who may have gotten lost in the wastelands, it's probably impossible to get a replacement or a refund due to the site, hence the system, becoming fucked every way from sunday. But GL every1 who is still outstanding.

H'okay.

To touch on the SLL cert. it gives you an error because it resolves back to the old site, one with with and one without the www. That's it.
Click to expand...
Yes, GOOD LUCK and hope you receive their package.

@Hooter1  Would SSL refuse them a certificate because of domain jerks?  Or overlooked with all other chores getting set up again?

Why do you think their SSL not for new site yet?  They obviously aren't ripping people off since packages were received while tt site was down.

BTW I won't mention names (it can be seen in tt thread) - but shame on person who said they received meds but not charged for them and hoping they get off w/o paying.  You should be telling tt what happened, not ripping off one of best vendors out there.  It shows your lack of personal integrity and honor to rejoice at tt's misfortune and hope you can use their misfortune to get your order free (same as outright stealing in my book)  You might want to rethink that poor moral choice.

 
ps2556 said:
mailed 4th n 5th received 5th but no 4th and another LL for some airems
Click to expand...
Maybe the US flag on your face po'd UK LE and that's why you're getting picked on   LOL

Does LL threaten or just factually explain why you won't receive package?

 
hooter1 said:
The problem I see with that is that if the site was killed, the data lost, etc. I think it would be almost unfair to expect restitution due to the fact that how would they know? In other words 4000 people could say HEY I ordered that day too. Just a thought. Personally I'm just happy they are making a (come back) <---- reference for Jewy lol
Click to expand...
They had all my previous orders/account info intact.  I don't think they lost their data except maybe what was happening just previous to shut down or that day (before they could download for safety somewhere).

They probably download a copy of entire site database at least 1x/day like I do with my site and therefore have an intact exact copy of everything/everybody (from day or so before Locked by jerks)

My site has been hacked, damaged - but because I downloaded copy of it night before, techs took it and was back online in no time.

I believe if people read back to beginning of week when this started, somewhere I posted about changing domains/servers etc   And I said it took me (with techs helping) from beginning to end of a week before I got it back on line functioning, with still few minor glitches to clear up - but my info and structure intact because of backup I downloaded.

ANYONE with a site, blog, etc should download contents at end of day after running malware, spyware software, repair registry, clean up disk, and other maintenance functions before turning PC off.

(that's if you aren't having problems, then there's more to do....... I learned the hard way & with guys on net giving me tips)  Should run CCleaner periodically - it'll speed up computer to keep it clean.

Computer is like a horse - you don't just ride it and have fun, walk away (bow-legged).  When finished using computer, there are chores to do for the 'horse' to keep him clean and healthy.  SAME with computers

(I wish my mom would accept this instead of having me clean months of crap from her computer every visit  "cuz it's running so slowly"  ARG!)

 
hooter1 said:
Hope so. Reckon
Click to expand...
It's standard practice among site owners/administrators according to what other owners told me - that's how I knew to do it with my site (and it saved my a** more than once) 

 
hooter1 said:
10. I have changed my server, or moved to a different provider, how do I move the certificate?

The easiest way is to create a new CSR on the new machine and have the certificate re-issued.
Click to expand...
Correct, the old certificate cannot be changed, so hence the error everyone is currently getting. They have to get a new SSL certificate. If the certificate showed a difference domain then we were used to it would be something to worry about, but I don't think we

Have anything to worry about in regards to the ssl certificate.

 
Swill369 said:
Correct, the old certificate cannot be changed, so hence the error everyone is currently getting. They have to get a new SSL certificate. If the certificate showed a difference domain then we were used to it would be something to worry about, but I don't think we

Have anything to worry about in regards to the ssl certificate.
Click to expand...
Are you saying since old certificate shows tt's old info, it's a good sign? I can see that.

Could you elaborate about not having to worry re: ssl certificate?

Shouldn't we wait until ssl certificate matches new tt name?

Or are you saying in your opinion we're safe to order from them now,

as regards transaction security with our cc info ?

 
Denise said:
Are you saying since old certificate shows tt's old info, it's a good sign? I can see that.

Could you elaborate about not having to worry re: ssl certificate?

Shouldn't we wait until ssl certificate matches new tt name?

Or are you saying in your opinion we're safe to order from them now,

as regards transaction security with our cc info ?
Click to expand...
The ssl basically confirms that the site you are going to is who they say they are. IMO since it is the old certificate with the original domain name that we've all come to know. If the ssl was reflecting a different name that we had never heard of then I would be concerned. But since the certificate shows the sites original name IMO there is nothing to worry about. Again, just one IT guys opinion.
EDIT: From what I can see it is still encrypted.

 
Last edited by a moderator:
Swill369 said:
The ssl basically confirms that the site you are going to is who they say they are. IMO since it is the old certificate with the original domain name that we've all come to know. If the ssl was reflecting a different name that we had never heard of then I would be concerned. But since the certificate shows the sites original name IMO there is nothing to worry about. Again, just one IT guys opinion.
Click to expand...
OK.......so it's still not secure for transactions w/o current ssl cert - but we know we're working with the same people at T10 as before and that's why it's good they match.   I can understand that.

Thank you for clearing that up for me.  Learned several things new today.

Sure wish they'd get the new SSL certificate.........

 
Denise said:
OK.......so it's still not secure for transactions w/o current ssl cert - but we know we're working with the same people at T10 as before and that's why it's good they match.   I can understand that.

Thank you for clearing that up for me.  Learned several things new today.

Sure wish they'd get the new SSL certificate.........
Click to expand...
The data is still encrypted(at least that's what I'm seeing on my end) the ssl error is basically saying "hey this might not be who you think it is"

 
OK.   Thanks for clearing that up. 

I thought SSL meant transactions had special protection for credit card numbers when you 'checkout' so they can't be stolen and used to steal money in the account.

 
Denise said:
OK.   Thanks for clearing that up. 

I thought SSL meant transactions had special protection for credit card numbers when you 'checkout' so they can't be stolen and used to steal money in the account.
Click to expand...
If your browser asks you to trust a invalid certificate, the info is still encrypted. You just can't verify that the person receiving the info is. As I said since the certificate reflects the old domain name, if I needed to order I would, but again this is all just my opinion. As I am showing that the connection is encrypted.View attachment 342

 
Swill369 said:
The data is still encrypted(at least that's what I'm seeing on my end) the ssl error is basically saying "hey this might not be who you think it is"
Click to expand...
I'm not trying to be argumentative here, but SSL certificates are NOT transferable from one domain to another. Once a certificate is issued to a domain, that's it. A new certificate must be issued to the new domain if a site such as TTM is migrated from one domain to a new one. This is well documented and standard industry practice. Please do not take my word for this, perform a simple Google search and confirm for yourself. That's point number 1. Point number 2 is that the new TTM site is throwing the certificate error because, as of late last night anyway, the certificate was still resolving to the old domain name that is now locked, which is consistent with point 1, that being that SSL certificates are non-transferable. So, until such time as they obtain a new SSL certificate for the new domain, there is no way to be certain that transactions are 128 bit encrypted, and hence fully secure. This is not any sort of accusation towards TTM, as I'm sure they have the best of intentions where their customers are concerned. This is an issue of the security of your credit card data between your computer and their server, and the true fact is, at the present time anyway, there are no assurances provided via 3rd party verification that your data is secure on its journey between those two points. The fact that the new domain is running 256 bit encryption on the server side means nothing in theory. The whole idea of an SSL certificate is to provide customers 3rd party verification of the security of their personal data between two points.

That being said, the next question is, "how long will it take to get a new certificate". If that question is of interest to you, read the brief description of the SSL certificate issuance process at the link below. In doing so, bear in mind that "extended validation certificates" are the industry standard among the vast majority of merchant processors (credit card processors). The information described at the link below, coupled with that knowledge, should give you some indication of how long it MAY take for them to acquire a new SSL certificate for the new domain.

Oh, I understand. I thought you meant that you never had the answers posted to begin with. Now I see what you mean. As for TTM, no, their bank would have nothing to do with it. Have a look at the link below, which is a brief, concise description of what is required to order, and receive, an SSL certificate. I'm sure you will be able to read between the lines and identify the challenges a company in this industry might face in obtaining anything more than a "domain validated certificate". I don't know who their merchant processing service provider is, but most generally, the highest, "extended validation certificate" is required to accept Visa / Mastercard, etc. I had hoped to avoid opening this can of worms on their thread, but I may have to. Anyway, here's the link:

http://www.sslshopper.com/how-to-order-an-ssl-certificate.html

 
Last edited by a moderator:
Since we are talking about ordering though. Has anyone that ordered from the new site received a email after order or anything yet?

 
Jewbacca said:
I'm not trying to be argumentative here, but SSL certificates are NOT transferable from one domain to another. Once a certificate is issued to a domain, that's it. A new certificate must be issued to the new domain if a site such as TTM is migrated from one domain to a new one. This is well documented and standard industry practice. Please do not take my word for this, perform a simple Google search and confirm for yourself. That's point number 1. Point number 2 is that the new TTM site is throwing the certificate error because, as of late last night anyway, the certificate was still resolving to the old domain name that is now locked, which is consistent with point 1, that being that SSL certificates are non-transferable. So, until such time as they obtain a new SSL certificate for the new domain, transactions are not 128 bit encrypted, and hence are not fully secure. This is not any sort of accusation towards TTM, as I'm sure they have the best of intentions where their customers are concerned. This is an issue of the security of your credit card data between your computer and their server, and the true fact is, at the present time anyway, there is nothing securing your data on its journey between those two points.

That being said, the next question is, "how long will it take to get a new certificate". If that question is of interest to you, read the brief description of the SSL certificate issuance process at the link below. In doing so, bear in mind that "extended validation certificates" are the industry standard among the vast majority of merchant processors (credit card processors). The information described at the link below, coupled with that knowledge, should give you some indication of how long it MAY take for them to acquire a new SSL certificate for the new domain.

Oh, I understand. I thought you meant that you never had the answers posted to begin with. Now I see what you mean. As for TTM, no, their bank would have nothing to do with it. Have a look at the link below, which is a brief, concise description of what is required to order, and receive, an SSL certificate. I'm sure you will be able to read between the lines and identify the challenges a company in this industry might face in obtaining anything more than a "domain validated certificate". I don't know who their merchant processing service provider is, but most generally, the highest, "extended validation certificate" is required to accept Visa / Mastercard, etc. I had hoped to avoid opening this can of worms on their thread, but I may have to. Anyway, here's the link:

http://www.sslshopper.com/how-to-order-an-ssl-certificate.html
Click to expand...
Actually I've posted 3 different times starting back on page 123 I believe that they would have to get a new certificate, that it could not just simply be updated or changed to reflect the new domain name. My point was that the certificate reflects the old domain so IMO we are still dealing with the same company. The certificate currently being used just does not reflect the current domain name hence the error.
EDIT: Jewy, always up for a good IT debate as everyone will have a varying opinion. This is why I made sure to include IMO on all my previous posts. For all we know they might not even realize the

Ssl issue. I'm in agreement with you. They were probably

In such a hurry and just uploaded the backup without giving a second thought to the fact that the ssl certificate would be a mismatch.

 
Last edited by a moderator:
Swill369 said:
Actually I've posted 3 different times starting back on page 123 I believe that they would have to get a new certificate, that it could not just simply be updated or changed to reflect the new domain name. My point was that the certificate reflects the old domain so IMO we are still dealing with the same company. The certificate currently being used just does not reflect the current domain name hence the error.
Click to expand...
Yes, you very well may be right, but there is no guarantee of that until such time as a new certificate is issued, and I think it's imperative to make sure that members understand this. Is it most likely a reasonable gamble? Sure, I suppose so, maybe. I'm only minimally qualified to engage in tech debates, but after a commercial finance career of 20+ years, I am qualified to say that some financial institutions, not all, but many, have much higher liability and fraud protection limits, if any at all, where e-commerce transactions are concerned that are conducted over non-SSL encrypted connections. (verified, valid certificate required) This is a risk factor that people should be aware of, if only so they understand the risks of ordering prior to the issuance of a new SSL certificate.

 
Jewbacca said:
Yes, you very well may be right, but there is no guarantee of that until such time as a new certificate is issued, and I think it's imperative to make sure that members understand this. Is it most likely a reasonable gamble? Sure, I suppose so, maybe. I'm only minimally qualified to engage in tech debates, but after a commercial finance career of 20+ years, I am qualified to say that some financial institutions, not all, but many, have much higher liability and fraud protection limits, if any at all, where e-commerce transactions are concerned that are conducted over non-SSL encrypted connections. (verified, valid certificate required) This is a risk factor that people should be aware of, if only so they understand the risks of ordering prior to the issuance of a new SSL certificate.
Click to expand...
You my friend are spot on with this post. Even then with a Proper ssl certificate nothing is guaranteed in this day and age.

 
Current domain name reflected BUT more importantly will they even be able to accept VISA or MC w/o the EVC  mentioned by Jewy?  And sounds like more danger account numbers could be stolen...... /default_sad.png  They don't give many payment choices....

Has anyone ordered using a credit card since tt back up?

 
Last edited by a moderator:
Denise said:
Current domain name reflected BUT more importantly will they even be able to accept VISA or MC w/o the EVC  mentioned by Jewy?  And sounds like more danger account numbers could be stolen...... /default_sad.png  They don't give many payment choices....

Has anyone ordered using a credit card since tt back up?
Click to expand...
That's a good question and could possibly be why they used the old certificate instead of getting a new one?? Just guessing on this, so take with a grain of salt. You and Jewy are both right about it being riskier now. Even with what I've mentioned in previous posts about the info still being encrypted without the ssl the transaction would be done on port 80(http) whereas with a

New correct ssl certificate it would be over port 443(https).

 
Status
Not open for further replies.
Drugbuyersguide Shoutbox
  1. LatsDoodis @ LatsDoodis: @SeaDonkey I think everyone deserves a second chance. I worked all night so eclipsing my life away… I do love stargazing and a telescope is high on my list of things to do when I’m high!
  2. iamgroot @ iamgroot: replied you already
  3. iamgroot @ iamgroot: are you talking about me? lol
  4. Diz-E @ Diz-E: @ I am Groot--I emailed ya bro, Diz-E
  5. SeaDonkey @ SeaDonkey: @LatsDoodis by tonight I meant like 16 hours from now, so you still have a chance!
  6. LatsDoodis @ LatsDoodis: @SeaDonkey ooh, I just got home, too, but Iit was raining here all of a sudden! How was it?
  7. SeaDonkey @ SeaDonkey: Anyone else gonna watch the lunar eclipse tonight
  8. S @ scarred14: @RussianRambo who did?
  9. xenxra @ xenxra: what the fudge
  10. R @ RussianRambo: he set up a controlled delivery on 2 people
  11. R @ RussianRambo: Slaughter AKA Slaughterhouse is no good anymore
  12. R @ RussianRambo: coolchems no good
  13. hiTillidie @ hiTillidie: Just yankin your lobe jason...once paid you should have privleges.
  14. hiTillidie @ hiTillidie: You gotta buy vendor coupons first...
  15. J @ jason1974: How do i access approved vendors now that i am a member?
  16. xenxra @ xenxra: @jason1974 every single time someone pops up with that handle, they're a scammer. my browser gives me a security warning for their site.
  17. hiTillidie @ hiTillidie: Coolchems is no good
  18. hiTillidie @ hiTillidie: Xenxra yeah fir sure.pigpredictable
  19. J @ jason1974: Can anybody vouch for Coolchems.com?
  20. J @ jason1974: Can anybody vouch for Coolchems.com?
Back
Top