Hacker Newsnew | past | comments | ask | show | jobs | submit | leesfer's commentslogin

Yeah especially since some people offering this same service for free

http://voodooalerts.com/free


Sorry, but that is not factually correct.

These are very different services.

Voodooalerts requires you to place JS on your page. Because of this I am sure they cannot run the full suite of audits that Snitch does.


No, Voodoo Alerts FREE has no JS. Its a server ping just like Pingdom or this service, except its free.

The full paid version of Voodoo Alerts requires JS to be installed but that is for RUM alerting

Edit: you're right about it not doing everything that snitch.Io does, but saving $10 a month on simple alerting sounds good to me


Thank you for visiting Snitch.io. Unfortunately, your statements are still not correct.

I signed up for a free account on VA and put in a site with a revoked SSL certificate. It has not generated an alert. It has been over 12 hours. It is still prompting me to insert the JS on my site, by the way.

As to your second point. Snitch isn't simple alerting.

It runs a full range of tests on an SSL certificate: checking for expiration, checking for revocation, checking that all of the intermediate certificates have not been revoked, checking the certificate is valid for the domain (including SNI), checking that the certificate isn't signed with a weak algorithm such as SHA-1 that Chrome is about deprecate, checking that the certificate has not been changed (incorrect server config, malicious intent...)

Snitch is not targeted at people who just need to know if their site is up or down.

If you are are a business and users browsing to your site get a big red warning in their browser because your SSL certificate is expired/revoked/weak/misconfigured - that is a problem and you lose money. That is what Snitch is addressing.


I should have mentioned that I am in the beta for VA and that feature doesn't open up until next week for all users.

In fact I'm probably breaking terms mentioning it...


Thanks for the clarification.

I was wondering if you were also going to mention that you are VoodooAlerts' founder?

I, personally, think it is poor form to advertise features that don't exist while pretending to be a customer of VoodooAlerts.

I wish you the best of luck with VoodooAlerts!

https://twitter.com/Leesfer


Being a #2 employee isn't exactly a founder, now is it?

Good luck in this field, it's competitive :)


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: