Yes, this is a possibility, but I am really speaking for the masses, not for myself - most apps of mine are secured. I am just wondering why there isn't any decent way to do it.
Maybe the world is full of crappy noobs who can't program very well?
I am an employer and have asked a lot of candidates what they can do and how much they want to get paid, and I very often come across people who want big bucks but only have experience with, like, PHP or Java, and really don't know anything about software development. Every decent programmer has to know what a pointer is and how basic memory management works.
Yeah, I know that the sys admin could do it. My point is that it makes it harder, and when it isn't so easy to attack somebody, many so-called hackers give up.
Of course WIFI is a damned security hole, but my point is that when you sometimes need these kinds of access (you never know when), you would feel more secure with a self-signed cert than with nothing. I am sitting right now on a public WIFI at my university's library. It is completely unprotected - no WPA nor WEP - but I know why it is so. The hassle of sharing keys with hundreds of people every day is too big a job. Therefore I would be happy if my webmail client has some kind of protection, even if this doesn't scare off experienced sys admins but helps to avoid nosy IT students (I have done it myself to show that WIFI is a f***ing security hole).
You are always vulnerable to a "man in the middle attack". There isn't any secure way to exchange messages with another party without being in danger of some kind of attack (even offline). My point is that people need some kind of protection which isn't expensive.
I didn't write about the danger of some sort of attack. I am talking about encrypting my packets to some kind of intranet or webmail, which ensures that nosy admins or kids who are trying to read packets on a public WIFI couldn't read my private messages with ease. When you have some info about things that are so interesting to somebody that they are ready to make some kind of attack, then it is better to exchange this info in private.
In my opinion browsers should support self-signed certs by default, because there are thousands of intranets for private use where there is no need for a CA-certified cert. Like somebody said before, secure webmail access is an important issue. For me it is important that the cert is coming from the same server where I try to log in, and nothing more. If the browser could detect that and only hint that this is not a CA-certified cert - not pop up some warnings - that would be just fine.
I also see benefits in CA-certified certs. For PayPal, banks and government sites, I need certainty that the information I am currently posting isn't going into the wrong hands.