Stop allowing the perpetrators to hide behind the corporate veil.

Well, if you live within 100 miles inside the boarder, you have no Rights anyway. Stands to reason it would be even more so outside the border.

Compared to the anal probing from Comcast et. al.? Yeah, it's free.

Yeah, and after all that work to prepare, the rest of the world said "I don't know why you nerds made such a big deal out of this. Nothing happened!" It's enough to make you want to quit your job, cut the soles off your shoes, sit in a tree and learn to play the flute.

Whoops! Sentences are hard! That invitiation must have been lost in the mail, that is.

Uh, I'm sorry, the invitation to the club meeting where we let "them" into "our ranks".

(hint: Collective accountability is a bullshit philosophy.)

They should show them pirated pirate movies.

The NSA has not been caught red-handed, either. The article even points out that the pictures have not been independently verified.

It's useful, I don't know if it's convenient. Most sites won't even load anymore if you have Javascript turned off.

What does "obsolete" mean? If his writing instrument does what he needs it to do and he's happy using it, then more power to him. Who's to tell him he can't use it, or an IBM Selectric, or even a quill pen and vellum? Nothing is obsolete if it still works for your needs.

If they're not a NASA astronaut, why would they?

>If you have a site where an attacker would have bothered with the elaborate process of getting the private key, and then do MITM attacks with it on users, and it >would actually matter, you wouldn't have used StartSSL in the first place, and $25 would be absolutely nothing for you.

>Hint: not you

None of which has any bearing on my original point, which is that we need a better and more secure way of applying security to web servers that isn't reliant on the good graces of a third party (either through their schedule of fees or through their procedures and policies). If you want a more secure internet, you have to make it cheaper and easier for the guys who are just like me. As I mentioned in my top post, the admins I spoke of can't afford to replace their certificates and so their sites remain unsecured.

StartSSL won't revoke a certificate unless you pay the $25 revocation fee and they won't just let you cut a new certificate while the old one is unrevoked. How is that not extortion? The only option is to either pay up or find another provider (and leave your old, unrevoked certificate out there).

>Yup, twenty-five whole dollars. That's the price of several Big Macs, with fries!. Shameless what some CAs will charge.

(Not defending the CA racket here, but $25 isn't really that much when they give the certs out for free. In any case why revoke them, just replace them with a new, free cert. Yes, I know someone can spoof the server using the old cert, but if you want to save the $25...).

That's $25 per certificate. That may sound cheap to you, but it's not cheap to everyone and especially not when you may have several (or dozens) to replace. In any case, revocations should be free. Also, StartSSL won't let you cut a new certificate for a host while an unrevoked certificate exists for that host, so you either pay them to revoke it, wait until it expires, or change the hostname (or move to a different CA, I guess). All three are unacceptable scenarios, IMHO.