With HTTPS Everywhere, Is Firefox Now the Most Secure Mobile Browser?

Peter Eckersley writes "Over at EFF, we just released a version of our HTTPS Everywhere extension for Firefox for Android. HTTPS Everywhere upgrades your insecure web requests to HTTPS on many thousands of sites, and this means that Firefox on Android with HTTPS Everywhere is now by far the most secure browser against dragnet surveillance attacks like those performed by the NSA, GCHQ, and other intelligence agencies. Android users should install the Firefox app and then add HTTPS Everywhere to it. iPhone and iPad users will unfortunately have to switch to Android to get this level of security because Apple has locked Mozilla Firefox out of their platforms."

Breaks some websites

Mixed-mode, beware!

Re:Breaks some websites

[stillpixel]

Sorry.. I have a Mac. Does the EFF have any comments about that? lol..

Re:Breaks some websites

[stillpixel]

You're not from around here are you? Next time try typing all of your text as one big block, it's okay.. we can grep it.

Re:Breaks some websites

[stillpixel]

Hey man, like some new shit has come to light man.

Re:Breaks some websites

Sorry.. I have a Mac. Does the EFF have any comments about that? lol..

Get a new computer. Stop being a hipster and run OpenBSD.

Re:Breaks some websites

[vomitology]

C-C-C-COMBO BREAKER!

Re:Breaks some websites

[stillpixel]

Sorry can't be a hipster.. too damn old. I've been a Mac guy since errr.. like 20 years ago now.

Re:Breaks some websites

[stillpixel]

Does it help that I use vi for coding sites? Does that satisfy you?

Re:Breaks some websites

[camperdave]

Hey allaunjsilverfox2. Some kind of malware has infected your PC and is spamming Slashdot over, and over again. Perhaps you should use a malware cleaner to clean it up. Might I recommend AVG or Spybot?

Re:Breaks some websites

[stillpixel]

You know, I'm surprised you didn't recommend MyUnCleanPC, available at MyUnCleanPC.com It's awesome at infecting your computer and removing all that pesky real anti-virus and malware removal software that was slowing your PC down.

Re:Breaks some websites

[stillpixel]

i got nothing here.

Re:Breaks some websites

[stillpixel]

I'm sitting here staring at my Macbook Pro and crying... because I will never see the joys of using MyCleanPC... I am at a loss. Where have I gone wrong... whoa is me.

Re:Breaks some websites

[stillpixel]

http://theoatmeal.com/comics/o...

seriously... it's life altering

Re:Breaks some websites

[lister+king+of+smeg]

Sorry can't be a hipster.. too damn old. I've been a Mac guy since errr.. like 20 years ago now.

The hipster movement is traced back to the 1940... you know back before it was popular.

Re:Breaks some websites

[stillpixel]

you deserve so much sir.. but my pockets are void of mod points.

Re:Breaks some websites

[stillpixel]

Sorry.. it's late and I had a caffeinated beverage.

Re:Breaks some websites

[narcc]

AVG or Spybot? That's crazy. They pale in comparison to the obviously superior MyCleanPC!

Why do you think he takes every opportunity to spread the good news?

Re:Breaks some websites

[black3d]

But can it clean my HOSTS file?

Re:Breaks some websites

[thephydes]

for fuck sake someone block this wanker. He is a fucking parasite

Re:Breaks some websites

[lourd_baltimore]

I use my HOSTS file to block these kinds of posts...

Re:Breaks some websites

[Rhaban]

Sorry can't be a hipster.. too damn old. I've been a Mac guy since errr.. like 20 years ago now.

So, you’ve been a hipster since before it was cool?

Re:Breaks some websites

[y5t3m]

lots of psy below. No sensible debate on this.

Re:Breaks some websites

[alex67500]

Q: Why did the hipster burn his mouth?
A: He ate pizza before it was cool!

Re:Breaks some websites

Ahh, that is so cute.

Re:Breaks some websites

[jellomizer]

HTTPS isn't end all be all in security.
It just encrypts your message and offers a secure authenticated certificate.
Your browser has a list of trusted authenicators.
So in terms of raw security it will just prevent people with a packet sniffer finding your information. Sure that is more secure, however most networks now have switches vs hubs which makes broadcast packets less common.
The site authenicators charge a lot of money for these certs, and most really don't do too much to verify their true identity, and some sites will used home made certs to save money... Especially if they are working with a smaller client base who knows to ignore the big alert from the browser.

Most of the breakins are due to people getting into the server via different ways (SQL injection, back doors on the server, back doors on an other server that has access to the existing server...) Where they can take your information from the servers. Or add malcode into the javascript where it could break other flaws in the browser, and get stuff from your own PC.

Also defaulting to HTTPS even if you don't request it. could cause other issues. The HTTP vs HTTPS site could be very different. HTTP may be your companies poster board, and the HTTPS is for access for the customer.

Re:Breaks some websites

[TangoMargarine]

Shhh, you'll summon the Dark Lord of HOSTS Files!

Re:Breaks some websites

[nullchar]

So Slashdot is hyping their new beta site, yet they allow same post by the same user over and over, even after continuous down modding.

Re:Breaks some websites

[hobarrera]

No need for a new computer, you can run OpenBSD fine on that already.

doubtful

I don't think HTTPS will stop the NSA

Re:doubtful

[Big+Hairy+Ian]

No shit http://science.opposingviews.c...

HTTPS is secure?

http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security

Re:HTTPS is secure?

[gmuslera]

HTTPS is not a guarantee, but is a good first start. They may not have your certificate (yet), and if the remote server uses forward secrecy getting it later won't decrypt your past communications. And the people wanting to know (or intercept/fake/whatever) your communication don't end in NSA/GCHQ/similars.

Re:HTTPS is secure?

[AmiMoJo]

It's not secure if they target you, but it massively increases the cost of monitoring you. Rather than just passively hoovering everything up they have to actually attack. If everyone does it their job gets hardware and more costly.

Re:HTTPS is secure?

[rvw]

The question asked in the summary is whether Firefox is now safer than other mobile browsers, because of this addon. Firefox is for me the default browser on desktop and phone, because I trust it more than Chrome or Safari or IE.

how appropriate..

[stillpixel]

comment spam on an article about how something is so secure.

Haha

Too bad it doesn't have anything for spam bot control.

http://postimg.org/image/ryho8lbfj/

not even security

Doesn't mitigate any vulnerabilities already present in the browser. Doesn't add any encryption beyond what's already provided by the web servers.

Re:not even security

[Maximilianop]

No only that.
Quote from their site "The HTTPS Everywhere extension fixes these problems by using a clever technology to rewrite requests to these sites to HTTPS"
What is this clever technology?
Could it be a hook on every single request, analysing the host to "know" if the request "should be rewritten as HTTPS"
How do they decide when a server has HTTPS capabilities? Are they just "probing" each webserver? Do they have a DB? Do website owners have a say in this?

What is disabling the extension from logging and saving a DB on every single request you send to the web?
What is disabling the extension from saving your username and passwords for sensible sites?

More than securing your phone browser, this seems like the definition of spyware to me...

Re:Apple locked Mozilla Firefox out of their platf

[stillpixel]

Honestly.. I liked what the comment spammer said more. Less whine and more vomit..

Considering...

People most likely don't type HTTP to begin with... I don't type http://facebook.com... just facebook.com. Google.com. slashdot.org. etc...

The S isn't just an extra S...

Re:Considering...

[bipbop]

For every site I use regularly, I have a one- or two-letter shortcut. When I want to use Slashdot, I hit ^L to focus the URL bar, type the letters sd, and then hit enter.

If I wanted to use Slashdot with HTTPS (which I don't), I would simply change the URL associated with that shortcut to say https instead. It would be zero extra letters for me.

Re:unnecessary bloat cruft

[Rosco+P.+Coltrane]

If I forget to type the S, I like having the crutch.

It's a bit like automatic collision avoidance braking systems that are starting to appear on cars these days: you might say it's a huge crutch for people who are too lazy to drive properly and maintain distances, but you know what? it's a good idea I'd like to have it nonetheless, in case my concentration lapses.

Re:Apple locked Mozilla Firefox out of their platf

[stillpixel]

About 6 months ago the angry Android fanboi above these comments was rearranging his "apartment" in the "lower-level" of his parents home when he got his app rejection notice from Apple for his awesome new game "Flamin' Fowl".. the note contained a remark something to the effect that his app was of less quality than those Chinese knock off apps.

Since then he has with drawn even more.. he even stopped playing Magic.

Re:Apple locked Mozilla Firefox out of their platf

[stillpixel]

I think MyCleanAndroid would have been a better app to flog with this article. Really.. what good does it do to https on your browser when the apps you have are full of holes and barely examined before being placed on the Google Play app store.

Idiot

It was highly illogical for you to blockquote all of that bullshit, Spock. I am unsure which one of you is the dumber one.

Re:Idiot

[Gadget27]

Fascinating

Re:Apple locked Mozilla Firefox out of their platf

And no I'm not RMS :(

RMS runs Hurd-Mobile OS on his phone.

Re:unnecessary bloat cruft

[infogulch]

Nonsense. If you're browsing the web and following a bunch of links, you would have to long press the link to copy it, long press to paste it in the url bar, edit the url to add the S (this is mobile, so moving the cursor directly between the "p" and the ":" is non-trivial), and hit enter... for every link you follow.

You can't just click the link and edit the url after the page loaded because you've already given away the url path, url query, cookies, referrer, etc to anyone snooping your connection. And what if a site doesn't support https and instead redirects you to its' http variant? For some people they'd rather it fail to load than load insecurely. There are many reasons to use such an extension.

Re:unnecessary bloat cruft

[viperidaenz]

Do you re-type links on a page instead of clicking them?

Dear MyCleanPC,

[somenickname]

I will admit that I was skeptical that a piece of software could cure my cancer, bring back my wife and prevent me from beating my daughter but, based on dozens of posts on Slashdot, I'm willing to give it a try.

Re:Dear MyCleanPC,

[stillpixel]

Wow. It could also be the end of Country music as we know it.

Re:Dear MyCleanPC,

[somenickname]

Well, nowhere in the glowing reviews did I see that it would also bring back my dog so, country music still has its place.

Re:Dear MyCleanPC,

[stillpixel]

Please don't bring sports into this conversation, you'll scare the neckbeards.

Re:Dear MyCleanPC,

[oscrivellodds]

And don't forget your truck!

Re:Dear MyCleanPC,

[ArchieBunker]

Any half competent admin could write some sort of filter script to get rid of this spam. I give this domain another year or so before it starts to cost Dice money and they park it.

Re:unnecessary bloat cruft

[fuzzyfuzzyfungus]

In some, but not all, cases it will also rewrite any http links within the site itself, which is a much more useful feature. People certainly do forget when typing URLs; but manually checking, copying, pasting, and editing links within a page would be a huge pain in the ass.

Now, as for why a site operator would have non-ssl links to parts of their site on parts of their site accessed over ssl, that's a question for when I'm feeling less rageful.

Re:Apple locked Mozilla Firefox out of their platf

[stillpixel]

The above commenter is quite serious about their software fanboi-ism it verges on the realm of being a Linux anti-microsoft zealot.

Depends on the threat model, doesn't it?

[fuzzyfuzzyfungus]

'Secure' isn't really something where you can just boil it into a number between 1 and 100 and call it a day. If you are worried about attackers sniffing the wire, a plugin that enforces SSL use is a major advantage. If you are worried about being hit with a zero day by the guy on the other end of the wire, it's entirely irrelevant.

Re:Depends on the threat model, doesn't it?

Secure = 100;
itaday();

Re:Depends on the threat model, doesn't it?

[somenickname]

I loathe to say this but, HTTPS Everywhere is security theater. It makes your browser have a green icon where it otherwise might not but, that green icon is just an illusion of security. Considering recent revelations about the NSA, I would assume all SSL certificates are compromised. Like, literally, all of them. If the trust chain has been compromised by one party (the NSA), I would assume it compromised by all parties.

Re:Depends on the threat model, doesn't it?

""Apple has locked Mozilla Firefox out of their platforms.""

Or you could be like Apple and deny any secretive co-operation with spying agencies, then block out Mozilla, and I guessing anyone else from locking down your OS/Apps from giving away your data. And the Apps that your downloading tracks anything you do. SO unless you have a phone with no Apps or any hidden programming to collect data it's not going to matter what you do to secure your data from spying by the NSA or 3rd party sources.

The EFF had to have known about the NSA and other agencies to begin with, and I seriously distrust any claims they make over security from spying. Its one thing to be a small org., but they only go after high profile cases, and I can almost promise you they know a lot more then there publicly leading people to believe. The idea behind what there about is great, but being arrogant or making people think you are, kinda throws that out of balance.

Re:Depends on the threat model, doesn't it?

[kasperd]

I would assume all SSL certificates are compromised. Like, literally, all of them.

No amount of snooping on the network would compromise a private key, which never leaves the server in the first place. Thus the only way you could possibly compromise the certificate, would be if you put an invalid public key in the certificate in the first place. Since that would be immediately obvious to any server owner paying enough attention, it is safe to assume that compromising all certificates cannot be done without being detected. If they literally compromised all of them, it would only take one single security aware server administrator to notice it.

This is why we should focus much more on protocols that are secure against passive attacks, but not against active attacks. Systematic passive attacks can be pulled off without detection. Systematic active attacks cannot. Protection against active attacks is much harder and is the reason we have the CA system. It is not that protecting against active attacks is a bad idea, it is just that it is so hard that much communication isn't protected. Opportunistic encryption with security against active attacks could be done without needing certificates. If on top of that you do perform certificate validation on the most critical sites after you have established a connection with only the opportunistic protection, then you do get protection against active attacks. In order for this to make sense, it is important that until you do perform an active attack, you cannot know if the connection has been secured against active attacks.

Both types of connections will benefit by being indistinguishable from the other to a passive adversary.

The connections with only passive security benefits because it is now easier to do encryption, and moreover being indistinguishable from the minority of connections with active security protects you from systematic active attacks. This is because systematic attacks are bound to hit protected connections once in a while, so they cannot go undetected.

The connections with the full active security also benefits because they are now attracting less attention. They will be a minor fraction of a much larger amount of encrypted connections. A passive adversary cannot know which of the connections have active security and are likely to contain the juicy stuff.

Re:Depends on the threat model, doesn't it?

[AmiMoJo]

Even if all certificates are compromised they are still worth using. Instead of passively collecting all that data the NSA/GCHQ has to perform a man-in-the-middle attack using a server that is geographically closer to you than the one they are spoofing. It costs them more time and money, limits their ability to spy on everyone all the time and requires them to maintain those servers. MITM attacks can be detected too, and in fact Chrome has made some progress on that with pinned certificates. I think there is a Firefox plugin that does something similar.

There are real and measurable benefits to using HTTPS, it's not just theatre.

Re:Depends on the threat model, doesn't it?

[drinkypoo]

Even if all certificates are compromised they are still worth using. Instead of passively collecting all that data the NSA/GCHQ has to perform a man-in-the-middle attack using a server that is geographically closer to you than the one they are spoofing. It costs them more time and money,

And whose money is that? Oh, it comes from the poor and the middle class, who actually pay taxes.

Re:Depends on the threat model, doesn't it?

[jafiwam]

I loathe to say this but, HTTPS Everywhere is security theater. It makes your browser have a green icon where it otherwise might not but, that green icon is just an illusion of security. Considering recent revelations about the NSA, I would assume all SSL certificates are compromised. Like, literally, all of them. If the trust chain has been compromised by one party (the NSA), I would assume it compromised by all parties.

While this is true, chances are SLL Certificates still work well enough to keep the other nerd at the coffee shop from stealing your WoW forum account credentials.

No single person, ever, anywhere, has been able to single handedly defend themselves from the government of the place they reside. If the Government wants the account, they'll get it through twisting laws and sending the cops, not by snooping on it.

SSL protects against run of the mill crime. And, it does that well.

Re:Depends on the threat model, doesn't it?

[kasperd]

They have a compromised root cert that the browser accepts as genuine, they create their own apparently valid cert for nefarious-site.com and your browser thinks all is well.

Compromising a CA certificate and compromising the certificate of an individual website is two very different situations. On average it is harder to compromise a CA certificate than that of an individual website. But for both types there is variation in difficulty. I have no doubt it is a lot easier to compromise the certificate of the most insecure CA than that of the most secure website. And if you have compromised one single CA certificate, you can use it for most of the active attacks, you want to perform. So it is mostly pointless to go for the certificates of individual websites.

MitM attacks using a compromised CA certificate done by governments is not unheard of. I think it was only a couple of months back I last saw a browser security update to get rid of a CA certificate, which was being abused by a government (in a European country AFAIR).

The point is, that sort of attack is discovered, if performed systematically. And they are mitigated as they happen, but after each mitigation there will still be easy targets among the remaining CAs.

That's why the Perspectives extension is useful, because it checks for certificate consistency.

True. Though you could achieve much of the same effect with less needs for infrastructure through certificate pinning.

Re:Depends on the threat model, doesn't it?

[AmiMoJo]

So what you are saying is that we just give up our rights and freedoms in order to pay a bit less tax. Well, no.

Anyway, the cost will be made astronomical, so putting up taxes wouldn't help. They will simply have to stop mass collection of data once everything uses encryption.

Re:Depends on the threat model, doesn't it?

[heypete]

See http://security.stackexchange.... and https://www.owasp.org/index.ph...

In short: a site can declare that it only uses one (or more) public keys on its secure sites and that this declaration is valid for a certain time period. Browsers that support pinning will check to see if those public keys (and no others) are being used during that validity period. If the key were to suddenly change, even if it's otherwise valid (e.g. issued by a trusted CA), the browser would complain that something is wrong.

This prevents rogue or compromised CAs from issuing certificates to sites that used pinned certificates (at least for the duration of the validity period).

For example, Google Chrome comes hard-coded with the public keys for Google sites. If an otherwise-valid certificate were created for Google sites (such as when the DigiNotar CA was compromised), Chrome would refuse to connect to any server using it because it does not match the built-in pinned value.

Re:Depends on the threat model, doesn't it?

[OdinOdin_]

Wooossshhhh!

He (somenickname) is talking about the global CA system where all 1000 CAs are equally trusted, so the NSA only need to convince one to reissue a certificate (based on a private key the NSA provided) in the name of the target website they wish to intercept.

The content consumer has no way of knowing if the SSL cert that is being used for the HTTPS connection is the one using the site owner's private key or the one using the NSA's private key. So this is why simply having a green light because you switched to SSL is security theatre.

But you (kasperd) go on an rant about other matters.

The projects such as SSL Observatory https://www.eff.org/observator... and Convergence http://convergence.io/index.ht... and http://tech.slashdot.org/story... combined with DNSSEC (which somewhat has the same problems as the CA system, but useful to allow deployment for low security websites without paying sign-my-certificate tax).

Re:Apple locked Mozilla Firefox out of their platf

[stillpixel]

Replace the above comment with some drivel about Creationism and it will be just as useful.

Re:unnecessary bloat cruft

[Cimexus]

I have one of those. I do actually like having it, for the reasons you say. Though in winter I do note it gets confused by snowbanks on the side of the road and occasionally cars in other lanes. Beep beep beeeeeeeep. Ahhhhhhh what?!

Not when

NSA has a copy of the private keys as well.

What's worse?

I'm not sure what's worse: the My Clean PC spam, or the hipsters that feel the need to reply to it every chance they can and tell us all about how they use Macs and how wonderful of people they are for doing so.

Re:What's worse?

[stillpixel]

I have Chrome installed on my iPhone, so I guess FF is just doing something wrong.

NSA has the ssl keys

[hipsterdufus]

The NSA likely has keys from all the major SSL cert vendors, rendering this "spamvertisement" moot. HTTPS does not mean that you're secure from everybody. It means you've added a layer of security that will thwart MOST prying eyes, but those that really want to know what you're doing WILL know what you're doing.

What a silly thing to appear on slashdot.

Re:NSA has the ssl keys

[Jane+Q.+Public]

"What a silly thing to appear on slashdot."

Why is it silly? It still means that most people will be more secure, most of the time.

Re:NSA has the ssl keys

[dvdkhlng]

The NSA likely has keys from all the major SSL cert vendors, rendering this "spamvertisement" moot. HTTPS does not mean that you're secure from everybody. It means you've added a layer of security that will thwart MOST prying eyes, but those that really want to know what you're doing WILL know what you're doing.

Having the keys from multiple SSL cert vendors does not help a bit (and having the keys from many vendors isn't much better than having the keys of a single vendor). It does NOT magically allow you to decrypt SSL traffic from servers whose host key was signed against that cert vendor's certificate!

To decrypt traffic of multiple SSL websites requires you to obtain the private part of the SSL host keys from all the web-servers themselves. Note that web server host keys are signed via signing requests that do not contain a copy of the private key, so even when the cert vendors (CAs) are hacked, you cannot directly listen in on SSL communication. When the servers implement Perfect Forward Secrecy, then even obtaining a copy of the server's host key won't help as each connection uses a temporary key that's exchanged via Diffie Hellman Key Exchange, a method that generates a key shared between two hosts, that (somewhat counter-intuitively) cannot be deduced by sniffing the traffic between those two participants.

What you can still do is to set up a MITM attack: you set up your own intermediate server with its own host key and sign your host key(s) using one of the SSL vendor's certs that you obtained. Then you redirect all traffic to the servers that interest you via your server (i.e. proxying all SSL connections) and then obviously in the process you obtain the cleartext of all SSL sessions running via your server.

However, the MITM attack is much more difficult to deploy and scale than simple monitoring and recording IP data. Also skilled users will easily detect the MITM attack, as the host key's public part of the servers in question will suddenly change. There are firefox extensions to check for these signs of a MITM. Even SSL Everywhere has a checker built in (via the SSL Observatory). Or try Certificate Patrol.

Re:NSA has the ssl keys

[thegarbz]

All this allows you to do is create a MITM attack which won't be detected by your browser. However another plugin like Perspectives will compare the SSL cert you were served with notarys from several other sources. Since it's incredibly difficult to MITM a system in a way that the same middleman is presented to everyone it creates yet another layer of protection.

Is it perfect? No. But sure beats the security of ASCII based traffic we're spewing everywhere right now.

Re:NSA has the ssl keys

[jafiwam]

You are assuming your software doesn't send the private key somewhere when you aren't looking.

Re:NSA has the ssl keys

[Mathieu+Lu]

nonsense.. that's a blanket statement that doesn't mean anything, implying that we should only consider absolutely secure solutions that will protect against all attacks. There is no one size fits all. Adding a layer of security that "will thwart MOST prying eyes" is well worth it, just don't expect it to be bullet proof and understand how it works, what it protects from.

If I recall correctly one of the initial aims of "https everywhere" was to protect people using public wifi. Hijacking FB accounts on public wifi became a common attack (and many others). It's a low-hanging fruit that encouraged a lot of websites to enable and fix their SSL for everyone.

Not to mention.. even if the NSA had keys from the major SSL cert vendors: you probably meant: they have the private key of Google/Facebook/etc, since the cert vendor key itself only signs the cert, it does not provide the private key that encrypts the communication.

Even then, don't use Google/FB. A lot of Snowden docs talked about tracking using the IDs from those services, although nothing has indicated that they have private keys of google/fb, it assumed that google/fb traffic was non-SSL. It's also a big leap to assume that they can generate/obtain private keys for other non-cloud services.

Re:NSA has the ssl keys

[Luke+has+no+name]

What a silly thing to appear on slashdot.

What a silly thing to say! Most of the time, it's not the NSA I'm worried about, it's the ISP or the creeper next to me on the open wifi network. Most people don't have an ipsec tunnel to their home network for secure wifi access, so this isn't a bad thing at all.

Issues with CA's and the NSA are real, but don't get huffy-puffy about a practical addon being brought up on /.

Re:NSA has the ssl keys

[dvdkhlng]

According to wikipedia, "Ettercap is a [..] tool for man-in-the-middle attacks on LAN". It requires you to gain access to a victim's LAN! If the wikipedia page is right, it performs ARP ARP poisoning to redirect vicitm's connections. This can be detected. On a properly administrated network, this attack can automatically be detected, alerting admins etc.

Requiring access to the LAN and being easily detected for me qualifies as "difficult to deploy". Also note that the computing resources needed to MiTM SSL are pretty enormous (SSL handshake takes a lot of computation). I don't think this will scale to substantial portions of the SSL traffic of a country. Compare that with the almost complete capturing of non-encrypted traffic allegedly implemented by NSA.

Re:What the frak?

[stillpixel]

Obviously it's the NSA's attempt at obscuring the news of this amazing new plugin for a browser on a phone...

who are we fooling?

[marienf]

> this means that Firefox on Android with HTTPS Everywhere is now by far the most secure browser
> against dragnet surveillance attacks like those performed by the NSA, GCHQ, and other intelligence agencies.

While I certainly think it is a good idea to encrypt traffic, this statement is highly misleading or naive: Since the CA
system is *flawd by design* and every one of those "authorities" in the long list of built-in CA inside
your browser can, by negligence or choice, supply any of these and other agencies with a valid certificate for
*any hostname in the world*, initiatives like these protect your privacy only from your local sysadmin/ISP, and also
do nothing against traffic analysis.

Should a US person/company trust that "China Internet Network Information Center" isn't going to create a cert for a
US bank or company to perform a MITM attach with? Should a Chinese company trust "Wells Fargo" not to?
Should the Greeks trust "TÜRKTRUST Bilgi letiim ve Biliim Güvenlii Hizmetleri A.. (c) Aralk 2007", or the
Turks "Hellenic Academic and Research Institutions Cert. Authority"? What on earth makes you think ALL of these
companies can resists pressures to misbehave? Yet all of them are built-in to your browser and "you" trust them.

Just go to any (Cloudflare, Akamai..)-accelerated site using https and check out the certificate used to see how that works:
They are issued certificates for the customer domains they accelerate, and hence have access to all the traffic.
In essence, they do exactly what a man-in-the-middle attack would do, except on a much grander scale (and with the collusion
of the actual domain holders). The agencies can carry out such attacks from within the ISP's, and your browser would still show "green".

The Cert validation in the browsers leads to a *dangerous false sense of security* at most. This is crypto, a weakest-link business
if ever there was one, folks. It's not ALL, or SOME that need to fail in order for PKI to fail, it's ANY of them.

Surely, we can do better than that: We should get rid of all centralised security illusions. Why aren't we signing contents using our PGP
keys that at least make multiple signers possible and habitual, and, and this is the essential difference, IMHO: That *you* have made a
conscious decision to trust or mistrust, to a certain degree, by reviewing a web of trust, as in informed consent as opposed to blind paternalism
of massivly built-in, pretrusted certificates by distant companies you really have no clue about.

WKR,
-f

Re:who are we fooling?

Jesus christ... it was hard enough to go through the process of getting a cert. Now you want me to have to think???

Reality is people don't care and those who do use Tor. There is a reason I pay in cash for as much stuff as possible in the real world. Sadly in the real world I also buy a lot of stuff online because its cheaper or only available via the web for all practical purposes and most of it via a credit card/paypal. Bitcoins is a bit of an improvement (but not for privacy now, but later), but it's also a setback, in that everything becomes public. But one improvement is that it's decentralized. The potential is zerocoin will be adopted by it or another bitcoin derived currency and we'll have actual privacy from government.

Re:who are we fooling?

[dvdkhlng]

> this means that Firefox on Android with HTTPS Everywhere is now by far the most secure browser > against dragnet surveillance attacks like those performed by the NSA, GCHQ, and other intelligence agencies.

While I certainly think it is a good idea to encrypt traffic, this statement is highly misleading or naive: Since the CA system is *flawd by design* and every one of those "authorities" in the long list of built-in CA inside your browser can, by negligence or choice, supply any of these and other agencies with a valid certificate for *any hostname in the world*, initiatives like these protect your privacy only from your local sysadmin/ISP, and also do nothing against traffic analysis.

Should a US person/company trust that "China Internet Network Information Center" isn't going to create a cert for a US bank or company to perform a MITM attach with? Should a Chinese company trust "Wells Fargo" not to? Should the Greeks trust "TÜRKTRUST Bilgi letiim ve Biliim Güvenlii Hizmetleri A.. (c) Aralk 2007", or the Turks "Hellenic Academic and Research Institutions Cert. Authority"? What on earth makes you think ALL of these companies can resists pressures to misbehave? Yet all of them are built-in to your browser and "you" trust them.

[..]

The Cert validation in the browsers leads to a *dangerous false sense of security* at most. This is crypto, a weakest-link business [..]

You suggest that MITM attacks on SSL are as bad as someone sniffing on unencrypted traffic. It is not! MITM attacks are active attacks and are much more invasive to carry out. That's not all: in principle all these MITM attacks can be detected: the host key of the Man In The Middle will differ from the host key of the original server (though your browser will accept the differing host key when it is signed by a rogue CA).

It is pretty dangerous for an adversary to carry out MITM attacks on a large scale, as sooner or later, this is going to be detected. The SSL Everywhere extension for example can (optionally) collect information for and check with the SSL Observatory to detect differing certificates that indicate MITM attacks.

There's also the Certificate Patrol Firefox Extension that persistently remembers certificates and warns when certificates changed for no apparent reason.

Re:who are we fooling?

[Monoman]

So what are you proposing instead?

I think the whole point of HTTPS Everywhere is that using it is better than not using it. Some say the improvement is marginal at best. Some say it isn't an improvement at all. What none of the naysayers are saying is how they are doing it better.

As security increases, convenience decreases.

Re:who are we fooling?

[itsdapead]

You suggest that MITM attacks on SSL are as bad as someone sniffing on unencrypted traffic. It is not! MITM attacks are active attacks and are much more invasive to carry out.

Is "false security" better or worse than "no security"? I don't think there's a simple one-size-fits-all answer to that - it depends on the type of threat and who the target is. If the bad guys want to snoop on an individual over a period of time, then traffic sniffing probably is easier. If its an organised gang going after money then MITMing a major ecommerce or banking site might be far more effective - and only needs to be in place for an hour or two to collect enough paydirt.

Anyway, the headline was "Is Firefox now the most secure mobile browser" not "Is Firefox the most betterer-than-nothing mobile browser". Browsers display nice reassuring padlocks and tell users that "the connection to this website is secure" not "meh, well, its probably safe from casual snooping, but if anybody organised is after you or whoever you're connecting to then you're basically screwed."

Re:who are we fooling?

[sociocapitalist]

Why aren't we signing contents using our PGP
keys that at least make multiple signers possible and habitual, and, and this is the essential difference, IMHO: That *you* have made a
conscious decision to trust or mistrust, to a certain degree, by reviewing a web of trust, as in informed consent as opposed to blind paternalism
of massivly built-in, pretrusted certificates by distant companies you really have no clue about.

I just had this nightmare of facebook offering to spread pgp keys between facebook 'friends'

Small scale key exchange works but can it really work to communicate on the scale that we use every day? Commercial sites, for example, with all the individual users that connect to them?

Re:who are we fooling?

[dvdkhlng]

It is pretty dangerous for an adversary to carry out MITM attacks on a large scale, as sooner or later, this is going to be detected.

Apparently they weren't detected until the Snowden files showed it is widespread...(hacking into Belgacom for example), and wasn't the FBI requesting the SSL keys of Lavabit to decrypt traffic?

The attack the FBI attempted on Lavabit had no relation at all to certificate authorities. They merely requested the private host key of the server to be able to decrypt any recorded SSL traffic for that site. Note how this kind of attack only works when you have access to the server in question (in which case you would be able to directly monitor the plaintext communication anyway by tracing the web server executable). I repeat, this is not related at all to certificate authorities. Also note how this attack does not really scale, as it requires you to actively request and collect SSL host keys (not certs!) of all webservers whose traffic you are interested in. For that reason I would expect that information about your operations *will* inevitably leak to the public. Also web servers in other countries will be relatively well protected against this kind of attack.

The SSL Everywhere extension for example can (optionally) collect information for and check with the SSL Observatory to detect differing certificates that indicate MITM attacks.

a MITM attack would also patch (or redirect) SSL Observatory

only decentralized with checks on locally stored previously seen certificates can work, otherwise it's just security theater

But here again at MITM attack would be detectable. If the SSL Everywhere guys were not completely stupid they will check the host key of the SSL Observatory against a private certificate authority that they completely own (with the certifcate authorities' key hard-coded into their browser extension). Or more simple, they could just hard-code the public key of the observatory. Or implement certificate pinning etc. etc.

The only working attack would be for the NSA to MITM every download of the SSL Everywhere executable, patching the certificates contained in its code. But again, this is easy to detect after the fact by inspecting the sources, comparing checksums etc.

For that reason I'm not afraid at all about MITM, as it does not allow for the broad, secret, non-discriminatory data collection that Snowden's leaks show to be implemented by NSA.

Re:who are we fooling?

[dvdkhlng]

You suggest that MITM attacks on SSL are as bad as someone sniffing on unencrypted traffic. It is not! MITM attacks are active attacks and are much more invasive to carry out.

Is "false security" better or worse than "no security"?

I really don't understand why everybody tries to reduce these encryption problems on the "false security" vs. "no security" dichotomy. No this is not about false security. This is about security against undetectable passive attackers vs. detectable active attackers. The amount of data a detectable active attacker is able to collect about my person are many orders of magnitude smaller than the amount of data a passive attacker is able to obtain. The active attacker will also only be able to obtain data from the point of time I was chosen as a target. The passive attacker will be able to go back in time and look at my communication (probably many years) before I became interesting enough to be deemed a target.

This is why implementing SSL, even if no protection at all against MITM existed, is much much better than no SSL at all.

Re:who are we fooling?

[jbmartin6]

Why do you say the CA system is flawed by design? Do you mean that some agency deliberately introduced the flaws? Or do you just mean that the design is flawed?

Re:who are we fooling?

[wvmarle]

The proper way would imho to accept all certificates (no need for those extortion fees, and it allows people to use self-signed certificates), and warn when a certificate changes and the new one is not signed with the original certificate. That's a sign that a MITM has been deployed since you first contacted the site. Even if they successfully get a "trusted" certificate in the name of the site they pretend to be.

When a MITM is active already on a site on your first visit, you're out of luck. Not much one can do against that.

Re:who are we fooling?

[marienf]

> So what are you proposing instead?
I'm proposing to stop outsourcing most PKI to central authorities, making the "trust" a conscious user decision.
Now before you argue that I can remove all authorities from my browser and add exceptions as I go, this is not a solution as what I will find
is single-signed by some company I have no way of checking. If what I found was multi-signed there would be a reasonable chance of determining
a level of trust via my web of trust. e.g. I would have something to go on while making that decision.

> I think the whole point of HTTPS Everywhere is that using it is better than not using it.
Sure, but HTTPS (SSL, TLS..) is not what I have issues with. What I have issues with is using certificates single-signed by central authorities and preloading these into client software.

> As security increases, convenience decreases.
I cannot argue with that :-) I just think it's necessary.

Yeah, third-party scripts send it all anyway

[evanh]

Yes, secure connections are pretty useless if you are being tracked all the time anyway.

Misleading much...

[raist21]

So what's with the uber pro-Firefox and Android spiel?

According to the web-site you can get the plug-in for Chrome as well. Albeit beta, but still.
And if that's the case, you can just install Chrome on your Apple device, it's in the itunes store, and install the plugin for it instead.

Re:Misleading much...

[stillpixel]

Maybe they wanted to start a fanboi flamewar on a tech site for more Ad revenue?

Re:Misleading much...

[BZ]

Assuming the extension works on Chrome on iOS. Which it may not, since that uses a fairly different architecture and rendering engine from Chrome on other platforms...

Re:Misleading much...

[Jane+Q.+Public]

"And if that's the case, you can just install Chrome on your Apple device, it's in the itunes store, and install the plugin for it instead."

You're missing part of the point. Chrome is intimately intertwined with other Google services, and in fact it's pretty damned hard to keep it separate from those services.

Government is not the only entity that snoops. And Firefox is the only major browser that doesn't belong to big snoopy corporate interests. (Although Apple SAYS that it doesn't snoop. And lots of people believe them. Certainly it doesn't snoop anything like Google does.)

Re:Misleading much...

[TangoMargarine]

Albeit beta, but still.

Well duh, it's a Google product. Er, a plugin for a Google product. Whatever.

Re:Or

[stillpixel]

Man I gotta get me one of those!

Re:mobile device forced to use beta site. Comments

[stillpixel]

wait don't go! have you tried MyCleanPC.. or maybe a https plugin for your mobile browser?

Nah

[Greyfox]

Use iptables to block outgoing requests to any port 80. Then decertify all the certs you don't trust (all of them.) Congratulations! Your web browsing experience is now secure!

Re:Nah

[kasperd]

Use iptables to block outgoing requests to any port 80.

Even better, use an iptables level REDIRECT to send the connection to a local http server, and have that http server do an HTTP level redirect to equivalent https URL.

Re:Nah

[kasperd]

Too bad http still works on ports other than 80. Genius plan thwarted.

Right. Cause users who don't know the difference between http and https and/or are too lazy to type https:/// in the URL are going to be typing a port number manually, when they enter a URL, just such that they can get an insecure connection. And websites, which care enough about security to support https in the first place are going to bring up a plain http server on a non-standard port number, just to ensure that users who don't want security can send all their traffic over a non-standard port - from a device where the user himself decided to block port 80 in the first place for security reasons.

Being able to run http on other ports has no implication for the security of the proposed setup. Blocking port 80 in order to enforce https is totally sensible, when it is there to protect users, who are not deliberately compromising their own security. An attacker performing a MitM attack cannot force a connection from port 80 onto a different port number, if the connection is blocked before even reaching the Internet.

your move, Apple

[globaljustin]

This is a strong move by the EFF and Mozilla.

wtf is Apple going to do? promise they will offer the same protection?

I hate that Firefox can't get on the Apple App Store, and I like Apple products. But this...this is bullshit.

Will Apple somehow integrate a similar HTTPS into Safari?

also: mycleanPC

[globaljustin]

seriously if they were trying to troll in order to stifle discussion about this topic, that mycleanPC thing kinda worked...

reminds me of APK...

maybe this is a level 2 deployment of the APK chatbot AI

Re:Apple locked Mozilla Firefox out of their platf

[mugurel]

And no I'm not RMS :(

no need to stipulate that.

BS..

[SuperDre]

For this to work, the site must support https, and a lot of sites don't...

Re:BS..

https://slashdot.org

Re:BS..

[gmuslera]

For this to work, the site must have the same content using https. It already checks that the site have an https version to try to use that protocol, the problem happens if the https version is a blank page or have different content.

Re:Apple locked Mozilla Firefox out of their platf

[ZeRu]

But you might have a reason to reply to a post from a creationist. In this case, parent is just wasting everyone's viewport space.

Re:What the frak?

[curty]

For the first time I see the death of /. coming around the bend.

You must be new here.

Re:mobile device forced to use beta site. Comments

[noh8rz10]

dude you are owning this thread. is the plugin compatible with my HOSTS file?

It's a joke. Laugh.

[Ungrounded+Lightning]

In case you don't get it: It's obviously intended to mimic a fake anti-malware product that spams people with ads for itself.

Yes, there is a product by that name, which is called out as a "borderline scam" - though mainly with claims that it does little (removing key-only registry entries), may cause trouble, and buying it can result in a periodic charge to your credit card that is difficult to stop.

Of course, like short term memory jokes ...

[Ungrounded+Lightning]

... it gets boring when repeated too often,

Spamspamspamspam

[wonkey_monkey]

With HTTPS Everywhere, Is Firefox Now the Most Secure Mobile Browser?

You obviously think it is, so why did you phrase that as a question?

Monocausality

[drolli]

Supporting https everywhere is *not* a sufficient single reason to be called "the most secure browser".

Monocausal interpretations of security are the worst enemy of security.

Re:Monocausality

[fatphil]

I'm pretty much sure I entirely agree with you, but I've not heard the term "monocausal" used in this context - do you mean something like "(claiming to be a) silver bullet"?

Not perfect, but it's a start...

[bogd]

So basically all this does is to force HTTPS requests instead of HTTP? (took me a while to find out - gotta love the fact that the "clever technology" link on their site, instead of going to a description of the actual technology, goes to... xkcd?! :) )

I see a few problems with this approach:
1)Not all content is provided over both HTTP and HTTPS. For multiple reasons, one being performance. Which leads us to the second problem...
2)A HTTPS session incurs a significant overhead for encryption. Which may be no problem for someone like Google. But for someone hosting his/her own (moderately successful) website on a small server, it might just overload said server.
3)Quite possibly the biggest problem with HTTPS is the fact that users have been trained over many years to just click "accept/install certificate" on self-signed certs. Not knowing that if you do this you are no longer secure.

And the more we keep forcing HTTPS, the more webmasters will use self-signed certs. Not many people want to go through the hassle of obtaining (and maintaining!) a valid SSL certificate for every single website they run, even if that cert is free. Which will only exacerbate the problem...

Re:Not perfect, but it's a start...

[jdi_knght]

I see a few problems with this approach: 1)Not all content is provided over both HTTP and HTTPS. For multiple reasons, one being performance. Which leads us to the second problem... 2)A HTTPS session incurs a significant overhead for encryption. Which may be no problem for someone like Google. But for someone hosting his/her own (moderately successful) website on a small server, it might just overload said server. 3)Quite possibly the biggest problem with HTTPS is the fact that users have been trained over many years to just click "accept/install certificate" on self-signed certs. Not knowing that if you do this you are no longer secure. And the more we keep forcing HTTPS, the more webmasters will use self-signed certs. Not many people want to go through the hassle of obtaining (and maintaining!) a valid SSL certificate for every single website they run, even if that cert is free. Which will only exacerbate the problem...

True, although the effect of #2 is generally pretty low, and because there's the potential for SPDY to pipeline everything over 1 HTTPS connection, total server load caused by each visitor can actually be lower, depending on the web server.

That said, biggest issues as I see them are:

1) HTTPS still has the extra overhead of establishing an SSL connection, which makes total page load time longer. The aforementioned SPDY can help compensate for this, but the pipelining of SPDY has the most benefit on sites that are poorly optimized to begin with (lots of resources, don't make use of image sprites, etc). Those who have spent time minimizing their page load time aren't likely to jump on the SSL bandwagon anytime soon.

2) An SSL certificate is out of reach for most normal people. Sure, you can get one for free from StartSSL, but trying to use the terminal to generate the .crt, install the key on the server, etc isn't for the non-slashdot crowd. Some providers make things a little easier, but there's only so much handholding that can be done. Even where the average person might muddle their way through and figure it out, the average person also uses shared hosting and will probably need to pay to get it installed, because you can't install it yourself on the vast majority of shared hosts - many also don't have SNI enabled and will also require that you use a dedicated IP for the cert which is extra cost there. This is assuming the user didn't find it easiest just to buy a cert via the host at an inflated price.That's a lot of time, work and extra money for the average Joe who is paying $5 to host his WordPress blog and the depth of his expertise is that he just learned how to install plugins.

3) Client-side MITM has already been happening - I read an article about a school doing it by adding/trusting certs on individual machines and proxying requests through their "fake" server (presumable so they can make sure kids aren't visiting the naughty sites), but can't find the article atm. Not that this is a widespread practise, and just because something isn't bullet-proof doesn't mean you shouldn't use it. But as HTTPS grows in popularity, I wouldn't be at all surprised if we start seeing an increase in malware/toolbars which do something similar.

I see the 2nd item as the biggest roadblock. And if they want adoption to go up quickly, the only way would be to convince Google to use an SSL cert as one of the factors in the SERPs, since that's the only way to get the majority of webmasters & hosts to make a widespread change insanely fast (and to compete price-wise to do the same for the average Joe). Though to be honest, I don't know that abruptly forcing SSL on everyone would be the greatest idea anyway...

Re:Not perfect, but it's a start...

[heypete]

I see a few problems with this approach:

1)Not all content is provided over both HTTP and HTTPS. For multiple reasons, one being performance. Which leads us to the second problem...

True, which is why HTTPS Everywhere only enables HTTPS on sites that support it (they are specifically whitelisted by the extension devs).

2)A HTTPS session incurs a significant overhead for encryption. Which may be no problem for someone like Google. But for someone hosting his/her own (moderately successful) website on a small server, it might just overload said server.

While HTTPS does incur some overhead, it's surprisingly small for modern servers. Google, for example, was able to add SSL/TLS to all Gmail connections with no new hardware, no additional servers, and SSL/TLS accounts for only about 1% of their CPU time (see here for details).

Pretty much any server will reach other bottlenecks before the slight overhead of SSL/TLS becomes an issue. Using Perfect Forward Secrecy is important for security and using DHE-based ciphers do incur a moderate overhead compared to non-DHE ciphers (a factor of about 3). Using ECDHE instead makes the increase in overhead only about 15% rather than 300%. See here for details.

3)Quite possibly the biggest problem with HTTPS is the fact that users have been trained over many years to just click "accept/install certificate" on self-signed certs. Not knowing that if you do this you are no longer secure.

And the more we keep forcing HTTPS, the more webmasters will use self-signed certs. Not many people want to go through the hassle of obtaining (and maintaining!) a valid SSL certificate for every single website they run, even if that cert is free. Which will only exacerbate the problem...

[citation needed] Getting a domain-validated SSL cert from publicly-available CAs is the work of a few minutes and, as you point out, often available for free or very low cost. Many hosts will automate the generation of a private key and CSR, making the process one of copy-paste for the customer. Other hosts handle the entire process of generating a private key, getting it signed by a CA, and configuring things correctly.

Sure, some sites use self-signed certs, but these are usually for personal or internal corporate purposes and not for the general public. The scary warnings in browsers aren't likely to go away anytime soon, so I doubt that any webmaster of a website meant for public use is going to be using self-signed certs (other than those catering to specific, tech-savvy audiences).

Re:Not perfect, but it's a start...

[Wootery]

The scary warnings in browsers aren't likely to go away anytime soon, so I doubt that any webmaster of a website meant for public use is going to be using self-signed certs (other than those catering to specific, tech-savvy audiences).

Tech-savvy audiences are ok with self-signed certs?

Re:Not perfect, but it's a start...

[heypete]

The scary warnings in browsers aren't likely to go away anytime soon, so I doubt that any webmaster of a website meant for public use is going to be using self-signed certs (other than those catering to specific, tech-savvy audiences).

Tech-savvy audiences are ok with self-signed certs?

Some, sure.

Note how I used "specific". That word was used for a reason.

There may be, for example, a community of crypto-savvy users who would rather not rely on a third-party CA to authenticate their certs. A site administrator could issue a self-signed certificate for the community site and post the PGP-signed details (e.g. fingerprint, key length, etc.) of the certificate so that members could verify its authenticity.

Other sites, like the anti-spam DNSBL named SORBS, use certs issued by their own internal CA. Users of that site may well trust the CA to issue such certs.

Self-signed certs have their uses, but are not really suitable for secure sites intended to be used by the general public.

Re:Not perfect, but it's a start...

[petermgreen]

Getting a domain-validated SSL cert from publicly-available CAs is the work of a few minutes and, as you point out, often available for free or very low cost.

That is true, however.

1: until internet explorer on windows XP and the default browser on android 2.x die out we can only use one cert per IP. So we are stuck with either managing seperate IPs for each hostname or paying significantly more to have multiple names on one cert.;
2: you have to go through the certificate dance again every year or two. If you don't then your users start getting warnings.

Re:Not perfect, but it's a start...

[Wootery]

Sounds reasonable - I thought you meant you were expecting tech-savvy users to ignore browser warnings.

Re:Not perfect, but it's a start...

[tepples]

until internet explorer on windows XP and the default browser on android 2.x die out we can only use one cert per IP.

Sixty-two more days until Windows XP support ends and IE/XP can be presumed vulnerable to forever-days.

you have to go through the certificate dance again every year or two. If you don't then your users start getting warnings.

You have to go through the hosting renewal dance and domain renewal dance anyway.

Re:Not perfect, but it's a start...

[ObsessiveMathsFreak]

3)Quite possibly the biggest problem with HTTPS is the fact that users have been trained over many years to just click "accept/install certificate" on self-signed certs. Not knowing that if you do this you are no longer secure.

Wrong. Wrong. Wrong. Get your head out of Applied Cryptography and come into the real world.

Accepting a self signed cert means your connection is far more secure than an unencrypted one. Oh there could be a myth in the middle attack, but in that even a CA verified cert is only secure by one more party. Let me put it in a table

CA cert: 2 parties (In theory)
Self-signed cert: 2-3 parties (1 hijacker in theory)
Unencrypted connection: 2-n parties (where n is the total number of people with access to plaintext traffic across all networks the message is transmitted through.)

Do I even need to add how much traffic is being transmitted wirelessly nowadays? Do I?

Let me ask you directly: Do you believe that a person trusting a self-signed cert is less secure than a person using an unencrypted connection? Honestly? Don't try to redefine security to mean encryption+trust; not now, not after the NSA mass surveillance revelations. Just don't.

Just tell me who is more secure: Aunt Tillie sending all her emails over unencrypted connections, or Dave sending his emails to a server with a self-signed cert? Who is more secure?

Re:Not perfect, but it's a start...

[bogd]

I will grant you the fact that unencrypted connections are vulnerable to both sniffing and MITM, while self-signed certs are "only" vulnerable to MITM. But you seem to believe that there is a huge leap from sniffing to mounting a MITM - and this is where we disagree. While MITM may incur an additional cost for the attacker, it is far from being an unrealistic scenario (see below for some examples).

As for the rest of your rant^H^H^H^H post, it doesn't really make sense. You believe that a self-signed certificate will somehow "protect" you from the NSA? Who is somehow incapable of a MITM? Well, this, this and this may prove... enlightening. And while we're on the topic of "additional reading", may I also recommend "Alice in Warningland" - a study showing 70+% clickthrough rates for SSL warnings.

There are some other issues, like you mentioning wireless traffic. With WPA2 being the default, and with many modern wireless NICs no longer supporting promiscuous mode, it is often more difficult to sniff wireless traffic than to mount a MITM on a wired network (especially when the target is the victim's router - again, see the links above).

Security means encryption + integrity + authentication. Period. Anything less is no longer secure.

Re:Not perfect, but it's a start...

[bogd]

I forgot to answer your question...

Let me ask you directly: Do you believe that a person trusting a self-signed cert is less secure than a person using an unencrypted connection?

No. I never said that it is less secure. I said that once you start blindly accepting self-signed SSL certificates, you are no longer secure. Maybe not as insecure as with clear text, but definitely not too far away from it.

Re:Not perfect, but it's a start...

[ObsessiveMathsFreak]

Security means encryption + integrity + authentication. Period. Anything less is no longer secure.

Why? Why should this be the standard for "security"?

How are we to certify encryption, integrity, or authentication? Through certification authorities? Or trusting organisations like NIST? Are we to hope that our data will have integrity anywhere in an internet which is dystopianly dominated by agencies like the NSA?

Your standards are arbitrary, and ultimately flawed. Dogmatic adherence to them has lead Mozilla at least to all but blacklist general purpose basic encryption (sans "security") on the web, and has lead to a world where all data is up for grabs by default, and which in fact has been so grabbed.

Firefox should not be making decisions for users on whether or not authentication less encryption is a good or bad thing. Just don't highlight self signed certs with a yellow lock bar was all anyone could want. But Mozilla went beyond this and the encrypted web has been set back by a decade or more.

P.S.
(I increasingly believe that Mozilla's decision, and quite possibly the encryption communities dogmatic insistence on authentication were in part motivated by the NSAs soft influence. /notobviouslyparanoidanymoretinfoil)

Re:Not perfect, but it's a start...

[petermgreen]

Sixty-two more days until Windows XP support ends and IE/XP can be presumed vulnerable to forever-days.

Yeah :(

Unfortunately i'm not sure that will stop people using it.

You have to go through the hosting renewal dance and domain renewal dance anyway.

At least with the providers I use hosting is just on an ongoing contract automatically paid.

With domain renewals I can either put them on automatic renewal or renew at my conviniance for pretty much as long as I want and with no penalties for renewing early.

With SSL certs I have to do a manual dance* every time it comes up for renewal (which seems to be once a year for the only free provider i'm aware of) and do that dance within an annoyingly short time window.

* Revalidate myself with the ssl provider, generate the csr, feed the csr to the provider (who ignore most of it), get the cert, search for the correct intermediate certs to go with it and install it into the web server. Along the way of course I have to look up how to do many of the steps again because it's long enough since I last did them that I forget the details.

Re:Not perfect, but it's a start...

[bogd]

Security means encryption + integrity + authentication.

Why? Why should this be the standard for "security"?

Because so far it's the best we have. And because security is only as strong as the weakest link.
You seem, however, to disagree. What would, in your opinion, be a reasonable standard for end-to-end security?

I'm not sure what you mean by Mozilla "blacklisting" basic encryption. As far as I know, self-signed certs work just fine in Mozilla. With a warning, of course - as it should be (and IMHO, that warning should be much stronger than it already is).

Just don't highlight self signed certs with a yellow lock bar was all anyone could want

You seem to forget that the web is not only visited by people like you, me, and most of the /. crew. Average Joe doesn't know how to look at the lock bar, and he doesn't know how to check if a certificate is valid. And this makes him the point where encryption without trust falls apart.

And since you seem intent on throwing NSA around - while it may be easier for them to just sniff traffic, they really have no problem in mounting a MITM attack (see links in my previous post). And while it has not been proven yet, they might just as well have the ability to generate their own certificates, trusted by the major browser vendors (see here - but again, keep in mind that this is just speculation at the moment).

So even if we have encryption+authentication, it still may not be enough. Not when faced with an attacker which has the resources to break the chain of trust.

I won't even get started on the fact that the NSA has knowingly attempted to compromise encryption standards. :)

Re:What the frak?

[firex726]

Not the first time either... IDK why the admins can't impose a rule about duplicate posts in the comments.

How many cases are there that one user would need to make a dozen identical posts of over 1000+ words?

Re:What the frak?

[Cenan]

You're confusing User with Customer. We're the users, advertisers are the customers.

"Can remove spam" and "will remove spam" are not the same thing. They absolutely, trivially could prevent this kind of spam - but why would they? Nobody at Dice cares! In all the years I've come here I've never seen the admins do anything remotely resembling administration of their site.

Another comment on a thread, no matter how trivial or spammy, enforces the illusion of a site that is still alive. This illusion is used to make the search indexers think that something of relevance is going on at the site, and rate it higher, which in turn exposes yet more of Dice's advertising. The key to proper SEO is novel content, the trick is that the content doesn't have to be at all relevant or even coherent, it just has to be new and Google will swallow it like a junior at the prom with the star jock.

Whenever some moron codes up a new incarnation of retardo-bot and launches it in a flurry of masturbation, a whole host of /. users will flock around and comment on the spam. It's a viscous cycle and Dice has no incentive to stop it.

Short story even shorter: Dice runs the site. Dice profits from not removing spam posts.

what's secure about this ?

[dan_in_dublin]

This is stupid, there's no benefit to using https on many sites. We can understand a security need by thinking about confidentiality, integrity, and availability. If I connect with https to a site which doesnt have my personal data (e.g. news sites) there is no benefit to confidentiality - the site is availabile to anyone, the info isnt confidential to me. Integrity - without 2 way authentication (which https typically doesnt do) there is only a marginal increase in difficult to compromise the integrity of a http request or response. Why would anyone do that with something like news though. Availability https doesnt change anything, probably makes it worse as the site has to negotiate TLS sessions Accessing sites with personal data, banks, email, faceboook - https is essential. Accessing sites without personal info, such as news, https accomplishes strictly nothing, it's is a waste of cpu cycles and the energy that powers them

firefox jumping the shark?

[csumpi]

is this publicity stunt a sign of some trouble at firefox? otherwise they should be smarter than making stupid claims like this, right?

Re:firefox jumping the shark?

This is the EFF saying that a product made by the EFF is good at doing what it is designed to do. It just so happens that the product happens to be a Firefox addon and is designed to make Firefox browsers more secure. The EFF is saying that their product makes Firefox for Android more resilient against surveillance than other mobile browsers. Mozilla isn't involved in the article.

Re:What the frak?

[UberVegeta]

It's a viscous cycle

Maybe we should sticky this.

Re:What the frak?

[Cenan]

We really should! In my defense I work with fluid mechanics so viscosity comes up a lot.

duh

[smash]

where is the HTTPS terminated and who holds the keys?

Re:What the frak?

[Desler]

There is a duplicate post filter. It's just extremely easy to bypass.

just want to say thank you

[onepoint]

Just want to say thank you

Re:Breaks some websites (Java 7u51)

[markdowling]

You need to add them to the Java Control Panel applet exception list. Works for me.

Why doesn't Slashdot do SSL?

[crow]

This doesn't work with Slashdot. At least if you put in a https, it redirects, so they have it set up; they just don't use it. You would think that a technology site would be up on current technology.

The presumption is...

[QuietLagoon]

... that HTTPS is itself secure.

.
It is not.

Re:What the frak?

[Somebody+Is+Using+My]

On the other hand, I would feel extremely uncomfortable if they /did/ moderate the comments. Because that sort of activity can quickly snowball from their just deleting spammer accounts/comments to zapping comments that they disagree with or feel is not in the company's interests. Especially since the users do such a good job of cleaning up the trash themselves (honestly, except on the occassions when I read at comment level 0, I never even SEE these MyCleanPC or other spam/troll comments anymore).

I wish Dice did better editing the SUBMISSIONS (even if all they did was correct any typos or prevent obvious dupes) but I am far happier if they keep their hands off the comments themselves.

Re:It's a joke. Laugh.

[ImprovOmega]

It's actually wrapped back around to advertising. See, they're just trying to camouflage it as "humorous" to get one or two people to think it's funny, haha, cute joke while getting their name out there. The problem is that it's still just advertising. It just requires an extra layer of cynicism to see it for what it is.

Re:What the frak?

[jbmartin6]

Doesn't' beta.slashdot.org count as something resembling administration?

Hipsterism of a slightly different flavor tastes

[TangoMargarine]

as sweet

Or the people who feel the need to start a new comment thread talking about people talking about spamming...

Crap. Now I'm talking about people talking about people talking about spamming.

Re:unnecessary bloat cruft

[AC-x]

Nonsense. If you're browsing the web and following a bunch of links, you would have to long press the link to copy it, long press to paste it in the url bar, edit the url to add the S (this is mobile, so moving the cursor directly between the "p" and the ":" is non-trivial), and hit enter... for every link you follow.

And don't forget the waiting for it to fail and changing it back to HTTP:// when you get a server that doesn't have https.

Re:What the frak?

[Cenan]

I guess for some, very broad, interpretations of the word "administration". Kind of like how a steaming pile of dog shit resembles chocolate cake.

Betteridges Law of Headlines finally proven wrong?

[allo]

Betteridges Law of Headlines finally proven wrong?

Re:What the frak?

[SpanglerIsAGod]

I agree with this. The moderation here is designed to make deleting or blocking posts unnecessary, and I like that.
I also like that you can't edit posts since lots of people like to troll and change their post after it get's responses to make responders look like idiots.

Re:What the frak?

[Cenan]

On the other hand, I would feel extremely uncomfortable if they /did/ moderate the comments. Because that sort of activity can quickly snowball from their just deleting spammer accounts/comments to zapping comments that they disagree with or feel is not in the company's interests. Especially since the users do such a good job of cleaning up the trash themselves (honestly, except on the occassions when I read at comment level 0, I never even SEE these MyCleanPC or other spam/troll comments anymore).

Yes, there are plenty of other places on the 'net where anal mods have free roam, we don't need another. I don't agree that the users here do a good job of cleaning up. They do a very good job of promoting circle jerking by instantly promoting mundane comments to +5 Funny/Insightful/Interesting for agreeing with them. I always browse at -1 for that very reason, once in a while a -1 comment will actually have something novel to say.

I wish Dice did better editing the SUBMISSIONS

I agree! But that is a problem to which my original explanation also applies. They've got no reason to clean it up. Posting craptastic submissions just spawns threads much like this one, where people discuss how god awful /. has become and how much better "the olden days" were. /. is unique in the way it handles news aggregation and user composed content. Dice has just elected to take a dump all over the concept to maximize profits. They could do something about the shit that keeps dripping on us, but why should they when we keep coming?

I find that blocking submissions from Roblimo actually takes care of most of the idiocy that gets posted, at least the obvious for-profit stories goes away. Now they just need a spell checker, if they get that right we could go for gold and demand they also fact check.

Re:What the frak?

[azalin]

For the first time I see the death of /. coming around the bend.

You must be new here.

Amen to that

Re:Hipsterism of a slightly different flavor taste

[stillpixel]

Talking about people talking about people talking about people spamming is so 6 comments ago.

Re:What the frak?

[danomac]

It's a viscous cycle and Dice has no incentive to stop it.

Short story even shorter: Dice runs the site. Dice profits from not removing spam posts.

I guess Dice is throwing stuff at the site and is waiting to see what sticks?

Damn Beta site

[Algae_94]

It looks like I can filter the Beta site comments by ranking, but there is then no way to read a parent comment if it doesn't make the cut. This gives me the choice of, read all this CleanPC shit, or not be able to read the low ranked parent of any highly ranked post.

It also appears that the post anonymous feature is gone. Now I'm going to have to completely log out to do that. I'm not impressed with this.

Re:What the frak?

[n6kuy]

Does Netcraft confirm it?

I moved pineight.com to WebFaction for SNI

[tepples]

you can't install it yourself on the vast majority of shared hosts - many also don't have SNI enabled and will also require that you use a dedicated IP for the cert which is extra cost there.

SNI support is part of why I switched pineight.com from Go Daddy shared hosting to WebFaction shared hosting. But I think shared hosts don't offer SNI hosting because of the perceived support cost of complaints from users of Internet Explorer for Windows XP. It and Android Browser for Android 2.x are the last two remaining major browsers that don't support SNI. But in two months, Microsoft will stop releasing security updates for Windows XP. At that point, migrating to SNI will make sense because server operators can presume that IE/XP is insecure, especially once computer vandals start deploying client-side MITM through a forever-day exploit in Windows XP. The login form summarizes the Firesheep, SNI, and IE/XP issues and links to a TLS version of the form for users with compatible browsers.

Re:unnecessary bloat cruft

[AK+Marc]

When I type www.google.com and my browser sends me to HTTP://www.google.com, why would it be be a crutch to have it send me to HTTPS:// instead?

Yes, directing people to https when they click http on a page is a crutch, but for the designers, who obviously don't care, not for the user.

If enough sites put up a safety warning

[tepples]

You make a good point about the labor difference between renewing a domain and hosting and renewing a certificate.

Unfortunately i'm not sure that [end of support] will stop people using [Windows XP].

They will likely stop once enough popular web sites start informing them about the end of support and its ramifications. The message for old IE would look like this, including a subtle dig at the Copyright Term Extension Act:

To protect the safety of your account, $site_name requires everyone to log in through a secure connection. This means we cannot allow logging in from web browsers that no longer get security updates. Microsoft stopped providing security updates for Internet Explorer on Windows XP in April 2014, and updates are not scheduled to resume until January 2097. Ask your system administrator or local PC builder about upgrading.

And the message for old Android Browser would look like this:

To protect the safety of your account, $site_name requires everyone to log in through a secure connection. This means we cannot allow logging in from web browsers that no longer get security updates. Ask your device manufacturer about an upgrade to Android 4, or install the Mozilla Firefox browser through Google Play Store.

Why doesn't the beta site auto-populate comment su

[NoImNotNineVolt]

That's GNU/Hurt-Mobile OS. Have you heard a single word RMS has said?!