I didn't bother to read the article. But still, sounds to me like China uses much more sofisticated methodes to spy on people entering the country than the US, which may just confiscate your electronic equipment upon entering if they feel like it...;-)
"Instead, it shows a [...] warning that requires 4 clicks and an 'add an exception' dialog box to bypass. This behavior means that a public web site basically can't be encrypted unless they are willing to pay an approved vendor a yearly fee for a certificate."
I don't see how the second sentence follows from the first one. If you want security you need to make sure people don't click blindly accept-accept-accept!
If you are not happy with the way the email service is provided (in this case by Yahoo), then change tho some other place, say for example Google. Mark me troll.. but isn't this the way the market works?
"It's leeching *your* processor and bandwidth!"... I don't share this observation. It is running on my linux box since the days I had a Pentium III and it never took much computing power, especially while ideling. Rarely I notice on my network monitor a 10kbit/s transfer when my skype client serves as a relay for two other skype clients which cannot communicate directly. That is basically all...
With closed source and closed protocol specifications there is no way to disprove the claim of an existing backdoor. Regardless of wether there really exist a backdoor or not. Simple but true and it is the drawback of wanting to provide security in a closed source environment.
I would always get the feeling to be tricked. On the internet I can search around for good deals, reliable companies and products and sellers which have their reputation.
On a TiVo I would always wonder what the companies did pay to get the place, whether the product is realy as good as it is and worth that money and wheather TiVo is tricking me again into something. I would never trust it. And I would get annoyed by it.
And more over: I don't have a TV (only a screen attached to my DVD player)...
You don't get security if you switch of your brain. Something like I-refuse-to-think-but-want-to-have-it-secure... forget it!
If I understand it right, the expensive authorities put some effort (do they?) into checking the identity of some person applying for a certificate. You pay for this work and on the otherhand you get a certificate which most browsers can verify immediately without shouting loud.
If you make yourself a certificate not using the those authorities, you need explicitely tell the browser (once) to accept the certificate. It is in my opinion good that the browser shouts quite a lot, because this makes people think a bit before they accept it.
Now would you think that a low buddget CA authority could/would provide the same trust as the more expensive ones? Would you trust it so much that you would automaticaly accept all certificates from this CA authority?
It is sometimes astonishing how little effort people want to put into learning something new. Even if you would give them a hands on lesson which would not take longer than 30 minutes! "It is sooooo complicated!" is equivalent to not more than "I did hear a new word!".
Encrytion is not in every circumstance easy to set up, but for example Thunderbird together with EnigMail... just plain easy to use and doesn't take a long time to teach. It is simple to create a key, to distribute the key by mail or upload it to a key server, it is easy to encrypt or decrypt a message and so on. When I see my parents again I will teach my mother how to send me encrypted mails... and I will succeed!:-)
Which law is the Piratebay trying to circumvent? The people in Sweeden which are running the Piratebay are not breaking Sweedish law as far as I know. And enabling SSL is also not against any law there as far as I know.
Slashdot Mirror
I didn't bother to read the article. But still, sounds to me like China uses much more sofisticated methodes to spy on people entering the country than the US, which may just confiscate your electronic equipment upon entering if they feel like it... ;-)
"The person being hurt is the mailing list owner..."
I don't agree. If the subscribers to the mailing list use crappy e-mail accounts it is not the mailing list owners fault...
I like the original better which ends in "...prepar to die!"
"Instead, it shows a [...] warning that requires 4 clicks and an 'add an exception' dialog box to bypass. This behavior means that a public web site basically can't be encrypted unless they are willing to pay an approved vendor a yearly fee for a certificate."
I don't see how the second sentence follows from the first one. If you want security you need to make sure people don't click blindly accept-accept-accept!
If you are not happy with the way the email service is provided (in this case by Yahoo), then change tho some other place, say for example Google. Mark me troll .. but isn't this the way the market works?
...one can't trust encryptinon if it is done off site. Point.
If you want your communication secure encrypt it on your computer which you trust. This is the only way to keep it secure...
"It's leeching *your* processor and bandwidth!" ... I don't share this observation. It is running on my linux box since the days I had a Pentium III and it never took much computing power, especially while ideling. Rarely I notice on my network monitor a 10kbit/s transfer when my skype client serves as a relay for two other skype clients which cannot communicate directly. That is basically all...
With closed source and closed protocol specifications there is no way to disprove the claim of an existing backdoor. Regardless of wether there really exist a backdoor or not. Simple but true and it is the drawback of wanting to provide security in a closed source environment.
Or maybe their customers are actually chanting "Yahoo!" over it. Maybe just with a different meaning to it... like in "D'oh!".
Come on, guys, what does it take so long to tag this story with the 'haha' tag??? Are you all asleep?
I'm a very happy Be* customer. They seem still to be on the side of the custommers and I love them for this (and their good service)! :-)
"no one has ever gone broke by underestimating the intelligence of the American public."
Nuff said. :)
I would always get the feeling to be tricked. On the internet I can search around for good deals, reliable companies and products and sellers which have their reputation.
On a TiVo I would always wonder what the companies did pay to get the place, whether the product is realy as good as it is and worth that money and wheather TiVo is tricking me again into something. I would never trust it. And I would get annoyed by it.
And more over: I don't have a TV (only a screen attached to my DVD player)...
Any lawyer around?
Ups, sorry. ;-)
But someone just modded my comment as 'insightful'. Someone at O2?
Updating the robots.txt is not a security measure. The web servers should never reveal the MMS without authentication in the first place.
Honestly? Surprised that there exists interests in changing the outcome of an election in a favourable way?
You don't get security if you switch of your brain. Something like I-refuse-to-think-but-want-to-have-it-secure ... forget it!
If I understand it right, the expensive authorities put some effort (do they?) into checking the identity of some person applying for a certificate. You pay for this work and on the otherhand you get a certificate which most browsers can verify immediately without shouting loud.
If you make yourself a certificate not using the those authorities, you need explicitely tell the browser (once) to accept the certificate. It is in my opinion good that the browser shouts quite a lot, because this makes people think a bit before they accept it.
Now would you think that a low buddget CA authority could/would provide the same trust as the more expensive ones? Would you trust it so much that you would automaticaly accept all certificates from this CA authority?
It is sometimes astonishing how little effort people want to put into learning something new. Even if you would give them a hands on lesson which would not take longer than 30 minutes! "It is sooooo complicated!" is equivalent to not more than "I did hear a new word!".
Encrytion is not in every circumstance easy to set up, but for example Thunderbird together with EnigMail... just plain easy to use and doesn't take a long time to teach. It is simple to create a key, to distribute the key by mail or upload it to a key server, it is easy to encrypt or decrypt a message and so on. When I see my parents again I will teach my mother how to send me encrypted mails ... and I will succeed! :-)
Which law is the Piratebay trying to circumvent? The people in Sweeden which are running the Piratebay are not breaking Sweedish law as far as I know. And enabling SSL is also not against any law there as far as I know.
Would you feel the same if they would put you into jail for many years for something you haven't done?
I think it is not illegal to cause bandwith usage and do silly things like transfering a lot of random data straight to /dev/null just for fun.
And if we get to the point that the principle "guilty until proven innocent" is applied ... that we have far worse problems.
TrueCrypt (as an example) has the possibility to hide encrypted data and provides plausible deniability. So those laws would run into void here...
And long time it hasn't been used anymore. It is about time to get those machines again out of the dark and into proper use!
And same for people which do not manage to post HTML messages properly on Slashdot!
;-)</strong>
<strong>sic!