All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
So here comes the story of xoxo's SSL
As information gathered together, here comes the nearly (if not completely) true story.
@xoxo used to be @enj0y, a guy with some techniques. He was one of a few candidates in a competition held by Ali.
Yet he's also a notorious scammer. He put aff hijacking code in forum posts; left backdoor in website he made for others to blackmail those who used it; threatened to ddos others' site if they wouldn't tell him techniques...
In 2013, he was hunting for job but still keen in hacking, and seems especially on ssl sites.
http://www.wooyun.org/bugs/wooyun-2010-026456
In early 2014, he registered with Globalsign as a reseller with company name "Superco Co, Ltd" ([email protected]), and exploited bug in Globalsign's billing system to sign certs for free.
He abandoned account @enj0y and used @xoxo. At first he gave out some 3yr or 5yr certs; later he started selling.
Recently, Globalsign noticed the account signing without paying. So they revoked all certs requested from that account.
Information about this guy now has been all digged out, including real name, photo, resume. These are posted in Chinese forums.
So much for this...
Comments
Link Plz that dog took my bitcoin
https://v2ex.com/t/178503
Reply #34, #103
englis pls
Not surprising, but thanks for the info.
enj0y, a scammer former on HostLoc, the most "blocked" ID on V2EX.
One day Helen hacked the site and then post on https://www.v2ex.com/t/167227 , saying that enj0y (xoxo) is "selling some stolen goods" (销赃).
Then the certs got revoked.
Is xoxo the same person as enj0y, and Justin Caboo?
xoxo is enj0y.
I don't know Justin Caboo...
A Famous Hostloc Figure.
He took over $300 from me but I feel like spending $3k if it would mean seeing him behind bars. GlobalSign is also to blame in this. This is the second time one of their resellers has scammed me, earlier it was @centriohost now it's @xoxo. Down with GlobalSign and their pathetic reseller program.
Should have just gone to VMBox.
@raza19 stop talking like shit. We don't scammed anyone. We update pricing for globalsign regulation, which does not mean ssl was canceled for pricing update. Those who paid for the ssl, enjoy it for the full timeframe. 3000+ ssl were sold.
Because of your retarded 'promise' to renew the ssl certs I bought from you I didn't buy the 5 year certs when they were offered by the Danish site. Had I known you were full of sh** I would have gladly purchased the Danish certs and none of this @xoxo crap would have happened. In hindsight you are responsible for this loss as well.
Like I always said, you are a cheat and a fraud & I'll stand by this statement until you eventually run out of business. Having said that please note I'll not be commenting any further on your pathetic attempts to redeem your image in the eyes of public. Everyone knows who you are... Bhappi wapi dapi taki saki one of these i guess....
Cheap, good, reliable <--- you can pick 2 only bro.
Cut the b/s, there's a lot of things especially in the Internet and software field, that are all three. The GNU/Linux OS itself, for a start?
Isn't it free?
It can be, but how is that relevant? "Free, good, reliable" is still all three (or better), if I need to spell it out for you, free is nothing but a subset of "cheap".
I'm just tired of seeing people pull the dated "pick any two" phrase whether it fits or not, as though it automatically shows everyone else how "wise about life" they are, and with no consideration if maybe fundamental conditions of something have changed (e.g. how the digital technologies gave us ways to create infinite and zero-cost perfect copies of good and reliable products).
Case in point, SSL certs. It costs a fraction of a cent on some VM or dedi somewhere to generate a new SSL cert. It does not cost any more cents to generate a wildcard SSL cert. There is zero reason whatsoever, why "good and reliable" SSL certs can not be also cheap.
Then you're right, calm down bro.
We dont promise anything. And SSL not provided by us. The provider will make decision how ssl works. If you are not sleeping there is no more 5 years ssl now. All 5 years ssl renewal also canceled by SSL providers. If any1 have them, those will also become 3 years validity if reissued. So who is the controller? We or, the ssl vendors? Rather than talking stupidly like "Bhappi wapi dapi taki saki" oil your own machine. We have very big market online. People like you are nothing but stupid.
LowEndProfessionalism
AFAIK you promised to renew the SSL certificates at the price you sold them
Hmmmm now he will not answer xD
He didn't promise to answer