Comment I can't wait (Score 1) 85
To start mining bitcoins for our Wall Street overlords
To start mining bitcoins for our Wall Street overlords
Every single pledge drive I have ever heard includes a little FUD. If you don't sound a little alarmist, nobody would ever donate...
Same relationship that organized religion has with Hell...
Men work harder than women because they're healthier and have more stamina
At the rate that Google is going with their crusade against insecurity, I believe it is only a matter of time before they follow suite with Chrome.
Sorry, I only half read your post. You are right, I am wrong.
This has not been the case for a long, long time.
All major web server software will allow virtual hosts on shared IPs using Server Name Indication which has been part of the TLS standard since version 1.0
This is done ALL THE TIME by too many entities to even count. The only time this is potentially bad is when it is done in self interest. This is clearly not the case here.
In this case, the encryption is not about asserting identity, it is about encrypting the data stream from point-to-point. This solves a lot of issues that currently plague the Internet as a whole while, at the same time, introducing new problems which will need to be worked out.
I believe this is a move in the right direction and can only help people be more secure, not less.
This is exactly what the Let's Encrypt standard will do.
If you look you will find that pretty much every bank has RC4 as their top cipher in the list. This is due to the fact that, while relatively weak, there are no known attacks against the cipher itself (other than brute force).
As has been mentioned before in this thread, use the Let's Encrypt protocol to get a publicly valid cert for free, set up your own internal CA or just use self signed certs... not hard.
This is really a separate issue though.
I am sure that most governments have at least once CA in their pocket these days.
And, really, no matter what system is in place, governments will always have wire-level access and all kinds of backdoor agreements with manufacturers.
This move is not intended to curb government surveillance though (although it does add at least one more barrier to the process).
The first step toward a more secure system is to get rid of the insecure parts.
Anyway, I am pretty sure the HTTP 2.0 standard is going to be secure by default so this is just getting ahead of the ball.
This for sure.
It is seen time-and-again, candidate promises x, y and z and delivers nothing but the same old crap then blames gridlock and infighting as the cause.
I get the sense, more and more, that political theatre is more script than actual debate.
Great that they are thinking about security on the device long before they are implemented... but, I would think that it would be way more important to think about the connection these things are communicating over first...
Seems to me that battlefield and rural areas would have the least reliable network connection possible. I would think that the bar would need to be raised in this area before SURGERY could be accomplished.
2+2=5
I am with you.
I really feel that by making drugs illegal and taboo we make it
These points alone play a big part in setting some people on to a dark path.
"Ninety percent of baseball is half mental." -- Yogi Berra