The Instigator
trippledubs
Pro (for)
Winning
14 Points
The Contender
crb772
Con (against)
Losing
6 Points

That debate.org should implement https

Do you like this debate?NoYes+0
Add this debate to Google Add this debate to Delicious Add this debate to FaceBook Add this debate to Digg  
Post Voting Period
The voting period for this debate has ended.
after 5 votes the winner is...
trippledubs
Voting Style: Open Point System: 7 Point
Started: 1/8/2012 Category: Technology
Updated: 5 years ago Status: Post Voting Period
Viewed: 980 times Debate No: 20290
Debate Rounds (2)
Comments (2)
Votes (5)

 

trippledubs

Pro

Definitions:

https is a protocol that protects digital communication against eavesdropping from client to server using encryption

debate.org is the web site you are on

I hope this debate serves to illustrate technical, legal, and perhaps moral principles that go on behind the scenes in todays networked Social Media world.

Challenger should know the difference between secure and insecure protocols before accepting.

Main Points


1. When logging into a site that does not implement https, login/password can be "sniffed" at certain points along the way. Sniffed in this context means reconstructed by third parties.

2. Debate.org's Privacy Policy is misleading until https is implemented.

Debate.org's privacy policy is quoted in italics.

All Member accounts are password-protected.


Protected: To keep from being damaged, attacked, stolen, or injured; guard.(1)

Password protected is not the same as protected. A more accurate statement would be:

"All accounts are protected by a password", or alternatively and more complete: "All accounts are protected by a password. Any person with access to certain network equipment between wherever the user connects from and the debate.org server also has access to this password."

The privacy policy further reads: We go to great lengths to protect the account information that you have provided us.


As the account information is not protected, I contend that this statement serves only to mislead debate.org members.

The Privacy Policy further states:

Access to this information is limited to only the Juggle employees who need it in order to perform their job function, such as customer service representatives.


1. Administrators have access to member details
2. Administrator accounts are not secure (no https)
3. Member details are not secure

3. By not using https, debate. org violates its own TOS, a legally enforceable agreement between Juggle LLC, and debate.org users.

Section F reads: "Will not disclose your password or transfer your account to any third-party, or allow any third-party to access your account." (2)

By not transmitting passwords over the internet in a secure manner, third parties are implicitly given access, or the opportunity to access, the password.

1. http://www.thefreedictionary.com...

2 http://www.debate.org...

crb772

Con

debate.org is not an e-commerce site..https is required for websites that require payment activity.while https secures the website it slows down the user surfing experience.Some SSL providers charge you on the bandwidth secured. You should only secure those pages that collect data.debate.org doesn't require any pages to be secured.
Debate Round No. 1
trippledubs

Pro

Thank you for accepting my debate. Your argument is concise and made of words.

My opponent did not use any sources, but it is easy to tell if using https significantly affects your internet experience. Surf Wikipedia using http, and then surf it using https.

[http://www.wikipedia.org...]

[https://www.wikipedia.org...]

You may need to close tabs to make sure you are getting the https if you have a non-secure tab to wikipedia open.


Wikipedia is also not an e-commerce site.

Con argued that "You should only secure those pages that collect data."

As debate.org has pages that collect data, those pages should be secured. This affirms my resolution.

Con did not provide sources or discuss privacy policies at all. Therefor I urge you to vote PRO!

crb772

Con

"[http://www.wikipedia.org......]

[https://www.wikipedia.org......]

You may need to close tabs to make sure you are getting the https if you have a non-secure tab to wikipedia open.

Wikipedia is also not an e-commerce site."

Contention 1 :
Pro didn't understand the logic behind the slow performance in accessing websites that use https.I will explain more below.
Just accessing a single page in wikipedia doesn't prove the faster performance of website using https.There is more work done at the background.

With HTTP, you sit at your browser and interact with data. HTTP’s job is to present that data to you, and browsers are the means of doing so. Mozilla’s Firefox browser, for example, understands HTTP instructions and arranges the data as the site’s designer intended. The browser knows what to do when you click. It uses HTTP to do this. But HTTP cannot do much beyond that. How the data travels from Point A to Point B, or even if it travels at all, is none of HTTP’s concern. This is a great compromise if you want speed and elegance and couldn’t care less about security. One does not require security to view debate.org's debates.To further reinfore my point , debate.org doesn't even require a user to be logged in to view the debates.So why secure the website on top of it?.IT is open to public.



"As debate.org has pages that collect data, those pages should be secured. This affirms my resolution"

Contention 2:

At debate.org, you only fill out your profile information.And they are aware that many of them are not using the right information. They don't need to collect data.. they already have the information in their database.. Pro doesn't understand the difference between collecting data and profile information.

With HTTPS, the story is quite the same. But when security is a must, HTTPS differentiates one sender and receiver from another. SSL takes the data, going or coming, and encrypts it. This means that SSL uses a mathematical algorithm to hide the true meaning of the data. The hope is that this algorithm is so complexit is either impossible or prohibitively difficult to crack.

The encryption begins when the owner of the Web site purchases a time-sensitive certificate from a trusted certificate authority such as VeriSign. You can get a certificate anywhere, or even make your own, but is it trusted? Your browser will let you know. This certificate is a security code created specifically for that one user, or even for that one Web site. The code is so complex that no one else on Earth should have a duplicate.

Well as you can see why it would slow down the performance of websites.



"Con did not provide sources or discuss privacy policies at all. Therefor I urge you to vote PRO!"

since pro invited me for a debate on a more generic topic I didn't feel the need to provide sources since most debaters are aware of https vs http.But pro proved he doesn't have adequate information about http vs https so here you go

http://www.biztechmagazine.com...

http://www.snopes.com...

http://www.wisegeek.com...


I proved Pro doesn't have basic understanding of https. Vote con!

Debate Round No. 2
2 comments have been posted on this debate. Showing 1 through 2 records.
Posted by royalpaladin 5 years ago
royalpaladin
Con, next time put the arguments in the FIRST round. You had much better arguments, but put them in the wrong place. I could not consider them because the opponent did not have a chance to respond.
Posted by 16kadams 5 years ago
16kadams
even though con has short arguments his paragraph pwnd. No joke.
5 votes have been placed for this debate. Showing 1 through 5 records.
Vote Placed by 16kadams 5 years ago
16kadams
trippledubscrb772Tied
Agreed with before the debate:-Vote Checkmark-0 points
Agreed with after the debate:-Vote Checkmark-0 points
Who had better conduct:--Vote Checkmark1 point
Had better spelling and grammar:--Vote Checkmark1 point
Made more convincing arguments:-Vote Checkmark-3 points
Used the most reliable sources:-Vote Checkmark-2 points
Total points awarded:05 
Reasons for voting decision: He had more sources. Also his final refutations where good. Also he proves https is needed for commerce sites. COn had better formats. 9 I tought him xD) Also pro didn't seem to understand the difference in https and http/. Con won.
Vote Placed by THEBOMB 5 years ago
THEBOMB
trippledubscrb772Tied
Agreed with before the debate:-Vote Checkmark-0 points
Agreed with after the debate:-Vote Checkmark-0 points
Who had better conduct:--Vote Checkmark1 point
Had better spelling and grammar:--Vote Checkmark1 point
Made more convincing arguments:Vote Checkmark--3 points
Used the most reliable sources:--Vote Checkmark2 points
Total points awarded:30 
Reasons for voting decision: While I agree with Con, he dropped the point about passwords....and Pro obviously does not know the difference between HTTP and HTTPS.
Vote Placed by vmpire321 5 years ago
vmpire321
trippledubscrb772Tied
Agreed with before the debate:--Vote Checkmark0 points
Agreed with after the debate:--Vote Checkmark0 points
Who had better conduct:Vote Checkmark--1 point
Had better spelling and grammar:--Vote Checkmark1 point
Made more convincing arguments:Vote Checkmark--3 points
Used the most reliable sources:--Vote Checkmark2 points
Total points awarded:40 
Reasons for voting decision: CON made arguments in the last round - loss of conduct point. Overall, PRO's points were much more superior.
Vote Placed by larztheloser 5 years ago
larztheloser
trippledubscrb772Tied
Agreed with before the debate:--Vote Checkmark0 points
Agreed with after the debate:--Vote Checkmark0 points
Who had better conduct:-Vote Checkmark-1 point
Had better spelling and grammar:--Vote Checkmark1 point
Made more convincing arguments:Vote Checkmark--3 points
Used the most reliable sources:--Vote Checkmark2 points
Total points awarded:31 
Reasons for voting decision: I'm going to counter royal's conduct vote because pro foolishly did not provide guidelines as to structure. Args is similar to paladin's - Pro showed benefits, con showed harms, very limited rebuttal from both sides. Pro had burden of proof and con failed to topple pro's R1 case so pro wins. Con should make sure he rebuts all of pro's case, not just where pro is particularly vulnerable.
Vote Placed by royalpaladin 5 years ago
royalpaladin
trippledubscrb772Tied
Agreed with before the debate:--Vote Checkmark0 points
Agreed with after the debate:--Vote Checkmark0 points
Who had better conduct:Vote Checkmark--1 point
Had better spelling and grammar:--Vote Checkmark1 point
Made more convincing arguments:Vote Checkmark--3 points
Used the most reliable sources:--Vote Checkmark2 points
Total points awarded:40 
Reasons for voting decision: Putting arguments in the last round is abusive because your opponent cannot respond to them, so conduct to Pro. In addition, Con dropped all of Pro's arguments from the first round, so Pro wins arguments.