Comment Re:I use GnuPG (Score 2) 309

My GnuPG public key is on my web site (www.andycanfield.com). It is not on any "KeyServer"; I don't believe in key servers

So how does someone like me obtain your key securely? If you send me a message that is signed and say go to this link to get the pubkey so you can check the signature, I don't know the message is really from you, and all the attacker needs to do is put his pubkey at the message URL, assuming the message came from the attacker impersonating you.

Even if the message was legit, how can I know my routing or DNS isn't being tampered with? How do I verify andycanfield.com is really yours? Am I supposed to use SSL/TLS with a public CA and trust one of those extra layers that you don't and could easily be subverted by the NSA?

Key distribution is really a hard problem; don't feel bad for not having solved it, nobody else really has either.

But but...web of trust...yadda, yadda. -- No. This just does not work. It requires you have enough people you trust to make good transitive authentication decisions, at least better than the commercial CAs do.

Comment Re:Actually, ADM Rogers doesn't "want" that at all (Score 1) 406

If we're essentially saying that it was only okay for the US and our allies to, for example, break the German or Japanese codes during WWII simply because Americans weren't also using the same codes, and therefore that is the only reason that the government could be "trusted" to not misbehave or abuse its powers, then we have a serious problem on our hands.

We are not saying that at all. It was okay to crack those codes because it was part of an effort to fight a DECLARED war against a foreign power. Those ciphers were specifically being used to protect the military communications of our enemies. (Yes, I am aware Enigma had commercial applications.) The messages they were focused on cracking specifically were those where there was GOOD CAUSE to believe they were military communications.

There is nothing wrong with SIGINT or pretty much any and all efforts to obtain information related to an entity we have a lawful declaration of war against. It's a grey area where it comes to foreign nations which we are not at war with.

It's a violation of the 4th amendment in the opinion of many reasonable educated American citizens when it comes to doing it to us. You have already demonstrated that you will play fast and loose with any restrictions placed upon you. The whole 3 steps linking meant practically everyone's records were subject to tap, for example. So the fact your ilk and you sir are ilk because your comparisons of our largely impotent (in real terms of ability to cause mass casualties or economic harm not self inflicted in response) terrorist enemies of today to those of WWII which had massive armies on the march and sunk our naval fleet off Pearl Harbor is a blatant attempt to create fear and distract from the real issues.

Society simply does not have a strong enough interest in the ability to decipher most people's private communications. If you have enough evidence obtained by methods most of the public would agree is reasonable to actually obtain a warrant to track someone's phone, or seize their computer, intercept their e-mails etc, you probably have near enough to convict anyway. The thing is you don't have that, instead you grab up people with your little dragnet and then parallel construct your way to an excuse to seize something that you then have to decipher because you need that evidence as you can't talk about anything else. Never mind all the other folks whose rights you violated along the way, nope it's all good because it puts criminals behind bars. Guess what, our justice system was predicated on the idea of individual rights needed to be respected even if that means the guilty go undetected or get acquitted perhaps even most of the time. The fact that YOU DON'T LOVE AMERICA AND FREEDOM, to borrow a politically charged quote of the day, isn't our problem.

100 years ago it was okay under the 5th amendment not to tell you where I'd buried my ledgers in the woods, so today it should be okay for me to use encryption that you don't know how to break and not give you the keys.

Do what you want to ISIS AFTER CONGRESS DECLARES WAR until then go sit in the corner quietly and masturbate or something.

Comment Re:Comodo are the biggest Cert issuer (Score 1) 95

Certificate pinning (though downright irritating if you are doing local development) really is the right solution.

Outside your bank, where you probably could get a self signed key given to you when you open an account, most of us don't have a way to initially verify the authenticity of a site. We need the 3rd party CAs. No, web of trust does not really work because I for one don't know enough people I trust to competently handle key signing and transitive authorization decisions better than the CAs do.

Pinning though would help a great deal. A loud warning that the certificate changed more than say a couple weeks prior to its original expiry date is a good control. Unfortunately there are still a number of perfectly legitimate reasons for that to occur and I don't have a good solution for how the end user is supposed to resolve that. One approach might be for browser software to 'require' the old CERT to either be expired or appear on the CRL before the new one is treated as valid. Now obviously that won't protect you if the CA itself is compromised, in all cases, but it would close lots of holes.

NSA/other spy/criminal agency gets the original CA to issue a new cert - So mister spy now has to be able to sign for the CA as well as Google, and redirect traffic to both CA's revocation lists AND Gmail. This will be more difficult - though by no means impossible. If you manage to compromise the CA and get their private key you can do this.

However, what you can no longer do is get a cert from some other CA. I.e. the NSA can't use one of the DOD CAs that many browsers trust to issue a certificate for GMail, $DICTATOR in $COUNTRY can't use his national CA either. They have to actually get GEOTRUST or whoever the original issuer was to do it, or compromise them, not just any CA like today. This would be much better.
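
An added example, not part of the original comment and not any browser's actual logic: one way to combine the rules proposed above (same-issuer requirement, old certificate expired or on the CRL, loud warning for an early change). The `Cert` record, the decision labels, the 14-day window and all sample values are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumption: "a couple weeks" before expiry is treated as 14 days.
RENEWAL_WINDOW = timedelta(days=14)

@dataclass(frozen=True)
class Cert:
    fingerprint: str     # constructed placeholder, not a real hash
    issuer: str          # name of the issuing CA
    not_after: datetime  # expiry date

def evaluate(pinned: Cert, presented: Cert, now: datetime,
             pinned_on_crl: bool) -> tuple[str, str]:
    """Decide what to do with the certificate a pinned site presents."""
    if presented.fingerprint == pinned.fingerprint:
        return "accept", "matches the pinned certificate"
    # A replacement must come from the CA that issued the pinned cert,
    # so a certificate from any other trusted CA is refused outright.
    if presented.issuer != pinned.issuer:
        return "reject", "issuer differs from the pinned issuer"
    # Same issuer: valid once the old cert is expired or on the CRL.
    if now >= pinned.not_after or pinned_on_crl:
        return "repin", "old certificate expired or revoked"
    # Routine renewal shortly before the old cert's expiry.
    if pinned.not_after - now <= RENEWAL_WINDOW:
        return "repin", "renewed within the window before expiry"
    return "warn", "changed early and old certificate is not on the CRL"

# Constructed sample data for illustration only.
PINNED = Cert("aa:01", "Example CA 1", datetime(2016, 1, 1))
SAME_CA = Cert("bb:02", "Example CA 1", datetime(2017, 1, 1))
OTHER_CA = Cert("cc:03", "Example CA 2", datetime(2017, 1, 1))
EARLY, LATE = datetime(2015, 6, 1), datetime(2015, 12, 25)

if __name__ == "__main__":
    for label, cert, now, revoked in [
        ("unchanged", PINNED, EARLY, False),
        ("other CA", OTHER_CA, EARLY, False),
        ("early swap", SAME_CA, EARLY, False),
        ("early swap, revoked", SAME_CA, EARLY, True),
        ("near expiry", SAME_CA, LATE, False),
    ]:
        print(label, "->", evaluate(PINNED, cert, now, revoked))
```

As the comment notes, the same-issuer check does nothing against a compromise of the original CA itself, and the "warn" branch still leaves the decision to the user.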

Comment Re:No no! (Score 1) 95

Yes, I am sure the OP was either being sarcastic or trolling, but the reality is there are A LOT of web developers and marketing people who think that way. The most basic form of it is web pages that don't flow. Yet people build pages that force 4:3 layouts to this day, make you page through content that could easily scroll or even fit on a single page rendered on a large and hi-res display, etc.

These people do need to be named, shamed and generally rejected.

Comment Re:Fallout? (Score 3, Interesting) 155

Maybe so, but we are supposed to live in a society of laws, both here in the States and in Europe. The US government's general position is Americans are always subject to American laws, and nobody is supposed to be above the law. Kevin Mitnick did essentially the same thing, called up a manufacturer and social engineered them into giving him information. The FBI was certainly on his ass, the federal prosecutors certainly pushed for and obtained a conviction.

These guys though? Nobody will even look into it on the prosecutorial side because these guys had an NSA badge on when they did it.

The Computer Fraud and Abuse Act is found at 18 U.S.C. 1030. Subpart (f) reads as follows:

        This section [i.e., the Computer Fraud and Abuse Act] does not prohibit any lawfully authorized investigative, protective, or intelligence activity of a law enforcement agency of the United States, a State, or a political subdivision of a State, or of an intelligence agency of the United States.

There is the law, notice the lawfully authorized part? They are not entitled to do anything you and I can't do UNLESS they have a search warrant or there is some other law on the books specifically authorizing the activity. I doubt even the FISA court would have rubber stamped this one.

Comment Re:List 'em in the summary, slashdot. (Score 5, Informative) 113

        CartCrunch Israel LTD
        WiredTools LTD
        Say Media Group LTD
        Over the Rainbow Tech
        System Alerts
        ArcadeGiant
        Objectify Media Inc
        Catalytix Web Services
        OptimizerMonitor

Comment Re:Why hasn't it happened already? (Score 1) 241

"Yes we can!" to borrow a phrase from our feckless leader. I am not saying we should do that but we could stomp out ISIS if we wanted.

What we should do, and I think would be a far far better approach, would be to END our efforts in the middle east and implement real effective border security; whereby persons DO NOT illegally enter the country successfully. Additionally implement intensified screenings with background checks and the closing of visa loop holes for people who wish to visit and for Americans returning from hot zones. All of that could probably be implemented for a tiny fraction of the ongoing costs of middle eastern conflicts.

If we however wanted to stomp out ISIS we could recognize the problem for the Islamic threat that it is, and take the approach the Russians did and the European colonial empires before them. Make everyone swear fealty to us and demand they control their people according to the laws our local military governor institutes. When the rules are broken either the local population turns over the responsible parties quickly or brutal and indiscriminate punitive action is implemented instead. Where we drop a daisy-cutter on a population center, raze a holy site etc. This is exactly how the non failed states operate over there, the local dictator maintains a sufficient level of fear such that when anyone discovers anyone else even thinking of resisting, turns them in to avoid everyone's lives being upended or just ended. Mind you this would put us on the same moral and ethical plane as Gaddafi, Saddam, al-Assad, and their ilk but it's certainly "do-able". I think we are better than that, I really hope we are, but I do think we *could* do it.

Comment Re:Regulatory discretion (Score 3, Insightful) 211

You're accusing the left of corporate giveaways? Methinks you have the left and right mixed up.

No, I don't have my left and right confused. I dare say most of the GOP is confused about being on the right. Almost all regulation is a form of corporate give away. If it has no other effects, one certain effect is it creates a new barrier to entry in some way. It's a give away to the existing players because it keeps others out.

Think about this. Do you think it would be easier to set up a new health insurance company in 2015 than it was in 2009? I am not suggesting it was easy in 2009 but it's certainly harder now. Who is that good for? -- existing insurers.

Comment Oh darn... (Score 4, Insightful) 211

Obama administration, under heavy pressure from congressional Democrats, also announced that it would give several million people more time to buy health insurance so they could comply with federal law and avoid tax penalties.

I really hope the King v. Burwell case goes against the government. The executive branch needs to learn they implement the law congress passes not the one they wish congress passes. If Obama and lefties suddenly are not allowed to continue to make up the rules as they go along maybe the other half of America will realize this law for the ill considered, abusive over reach of authority and corporate give away that it is.

Comment Re:Only a partial removal? (Score 1) 266

There's a good reason to have security on every program with its own rules.

Sounds good, but it's not really true. Security is absolutely more about people than technology. The tech is important certainly but you have to think about the people first. Few people will audit their cert stores, fewer people will audit multiple cert stores.

People will be in the general sense served by fewer, more consistently applied and predictable rules throughout the system; this increases their ability to understand them and enables them to make good decisions. I dare say most Web users today don't understand the relationships between certificates, keys, and CA certificates.

If there is one repo for CA certs by default (whether it has a user level overlay or not) you can at least kinda get people to understand: hey, you trust all the organizations you see in this key chain to vouch for the identity of others. What you advocate means you have to add, "unless you are using an application that keeps its own list some place else"; that isn't a win.

Now if they change an app like Firefox to use some other list, fine, then they probably understand the effect of what they are doing to a degree, but it's not a good default.

On the technical side.

Given the history of the NSA and Microsoft, you're better off assuming the OS cert store is fucked in the first place, sir.

If it's the NSA, I assume I am fucked; there is nothing I am going to do short of giving up on the Internet entirely that is going to thwart a Trillion dollar agency if they decide to look at me. If my OS is compromised then keyloggers and screen scrapers, API hooks etc are going to discover everything I could possibly want to protect with any application specific security rules. So if you start from the assumption the OS is compromised this entire discussion is moot.

Comment Re:Only a partial removal? (Score 1) 266

I got news for you: if your primary OS cert store gets fucked, you are fucked. What do you think your OS uses to validate updates etc? hmm?

If your OS is compromised there is little (probably no) information an attacker won't be able to get in terms of what you are doing in your browser. So I reject your argument.

Like I said, having the option to use its own keystore is a good thing. If you for specific reasons you may have don't want the browser to trust what is in the system store, or want the browser to trust something you don't want to put in the user or system level CA stores, that totally makes sense to me as needed granularity, but it's not what everyone needs and not what most will want much of the time. It's not a good default.

Comment Re:Only a partial removal? (Score 4, Insightful) 266

Well, Mozilla products are defective in this area IMHO. They should use system certificate stores by default rather than their own. On Windows they should use the Windows store, on OSX they should use Keychain and on Linux/BSD they should use /etc/ssl

Shipping their own is confusing for end users and forces them to manage multiple trust locations. I can totally see some people wanting to use a different keystore for their web browser than other software uses and having an option would be nice, but it should NOT be the default let alone the only offered behavior. I write this as a long time Seamonkey user, but this would be my biggest complaint.

Comment Re:That's a stretch (Score 4, Insightful) 266

The first followup question should be; did / do you have Superfish installed on YOUR computer? I would be really interested to hear how much he valued this 'enhanced shopping experience'.

The simple fact is they willfully shipped spyware. Beyond that they willfully shipped spyware with the potential to compromise one of the most fundamental security mechanisms Internet users rely on, SSL/TLS, by inserting itself into the authentication chain. Beyond that the Superfish spyware did compromise SSL/TLS because the private key it uses to generate proxy certificates was poorly protected.

So on the first count we might excuse them, everybody does it although it's still slimy. On the second count they should have known they were crossing a line and entering deep scumbag territory. On the third count well, again I guess everybody does it.
