Slashdot Mirror
SSL Encryption Coming To The Pirate Bay
An anonymous reader writes "The Pirate Bay, in response to Sweden's new wiretapping law, will start offering SSL encryption to its user base this week. Although copyright issues really have little to do with national security, The Pirate Bay knows its population is uneasy with the recent legal change. The encryption will mostly benefit Swedish users living under the current law. Since The Pirate Bay and its servers are not hosted in Sweden, the additional security offered to outside users could be comparatively minimal."
The actual file transfers are peer-to-peer, so they won't be effected (also, they're usually encrypted already, to avoid bandwidth throttling). This is for accessing the website and/or for contacting the tracker.
Web pages have been using SSL for years without being especially slow.
Contacting a tracker is a lightweight request that is being performed once every 30 minutes or so - if it was a few seconds slower, nobody'd notice anyway.
Most likely not, and it depends ...
On the server side, presumably the bottleneck is the network connection or the storage medium access times, and not the CPU of the server. The network overhead to an SSL connection is minimal, to the point where it is negligible. The access times to the storage medium will not change to any measurable degree. The only way this will slow downloads considerably would be if the CPU was already at or close to 100% utilization, or if it is pushed "beyond 100%" utilization (i.e. the bottleneck becomes the CPU) due to the need to calculate SSL certificates, etc. Since The Pirate Bay is doing this in a planned and intentional way, they have almost certainly thought of this and will likely add processing power if need be on the server end.
From the client side, YMMV, but the above holds true in general. If you are downloading and doing CPU intensive things in parallel, then yes, things will slow down considerably.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
There are really a lot of hardware solutions to speeding up SSL.
The real issue is that, typically speaking, the server which is responsible for the server-side processing is also responsible for encrypting the stream.
By putting a hardware or software solution in front of the client-access machine, you offload encryption to that host, leaving the application server free to concentrate on serving applications.
This can also be useful for debugging sessions, as you (the provider) have an unencrypted stream to examine.
Securing that stream between the application and the encryption device becomes of paramount importance, in that case.
Check out my sysadmin blog!
Um, no, this change has nothing to do with torrent swarms, so downloading of the files referenced inside a torrent would be unaffected.
A learning experience is one of those things that say, 'You know that thing you just did? Don't do that.' - D. Adams
There are pros and cons to living in Sweden. This law is a big con. So are the taxes, and the regulations. A penal system which is not based on homosexual rape is a pro, though.
How inappropriate to call this planet Earth, when clearly it is Ocean.
The real problem is that people have to put in additional effort, because their e-mail program doesn't handle it seamlessly. Their e-mail doesn't handle it seamlessly because it isn't easy to do, because there is no one dominant standard, but there is one dominant e-mail client (Outlook) which is controlled by a monopolist who has no incentive to make things better for their customers (because they have a monopoly). This is one of the many hundreds of ways the computing industry is constantly being held back by MS's monopolies.
In Scandinavia, there are no "federal pound-in-the-ass" prisons. The prisons are top-notch, just google around: here is a couple of articles.
Victims of 9/11: <3000. Traffic in the US: >30,000/y
If you're a subscriber it works (though it's been a few years since I've been one, so I might be talking out of my arse with regards to the current setup, here).
As far as email encryption goes. PGP is pretty much the defacto standard. I'm sure there are some other methods, but PGP seems to be the way it's done in most cases. I wouldn't be hard for the mail client, outlook or otherwise to completely automate the system. Key exchange would be a little difficult, but not so much. You could either meet someone in person to exchange public keys, or get their public key from somebody else who already has it, who you already trust and share keys with.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
I daresay such prisons don't exist in all of non Anglo-Saxon West.
I actually just set that up (literally -- I created my key immediately before typing this), and I think it could be easier. Namely, after installing EnigMail in Thunderbird, it didn't immediately work. Why was this? Because I needed to install GnuPG separately, which was not mentioned in the "how to install in Thunderbird" steps on EnigMail's Thunderbird addon page. Either it ought to be added to that list, or (better yet) GnuPG itself ought to be somehow included in the EnigMail installer itself.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz