There is absolutely no reason that I'm aware of not to think the certificate authorities weren't compromised from the very beginning.
Even if you had compromised a CA, there would be a huge risk of being exposed the very first time you abused it. You have to send a legitimate certificate to the site owner, otherwise they would not be able to setup their https site in the first place. However a CA cannot abuse the legitimate certificate because they don't know the corresponding secret key. So in order to do any abuse, you have to forge another certificate.
Now there are two certificates each of which is definitely visible to a small set of legitimate users. If certificate pinning was widespread, then that would be enough to guarantee exposure. We just need a standard for chaining the legitimate certificates over time, such that certificate pinning can work well when the legitimate certificate is replaced with a new legitimate certificate before the old has expired. Ideally it would be designed in a way, that does not require cooperation from the CAs, because they might be afraid of losing control, if such a chaining was readily available.
It is useful and important to focus on as strong security against passive attacks as possible, even if it doesn't improve security against active attacks. Strong security against passive attacks will mean active attacks are needed in more cases, and it also means it is hard to make those active attacks well targeted. And systematic active attacks is both difficult to pull off and also easily detected. Additionally widespread deployment of cryptography, which is only resilient to passive attacks is easier, since it does not rely on key distribution.
It is just important to ensure that you still do use methods secured against active attacks, when the extra security is really needed. Additionally protocols must be designed such that an active attack is required to find out if a connection was protected against them. If you can passively tell if a connection is secured against active attacks, then passive security is practically worthless.
My google search on the issue came up with Ghana, Burkina Faso, and Bangladesh. Two of which seem to be African, the latter South Asian I guess.
I'm sure you can come up with better data.
Besides infant mortality, there's probably unreported miscarriage.
When I was a kid I did Unicef collection every Haloween. We got an orange cardboard coin box at school, and collected donations to it along with our trick-or-treat. Unicef used these funds to build water wells for people in Africa who had only access to contaminated surface water.
A decade or two later, we found that many of these wells accessed aquifers that were contaminated by arsenic. And that thus we kids had funded the wholesale poisoning of people in Africa, and that a lot of them had arsenic-induced cancers that were killing them.
OK, we would not make that mistake again, and today we have access to better water testing. But it caused me to lose my faith that we really do know how to help poor people in the third world, no matter how well-intentioned we are.
And we had better not go around curing disease withoput also promoting birth control. Despite what the churches say, and the local dislikes and prejudices. Or we'll just be condemning more people to starve.
What a horrible example of how not to behave as a decent human being.
Agreed. Abelson should be ashamed of himself.
This might as well be how Blackberry, Nokia, and Palm blew it. And I'm probably leaving off a few companies.
IMO it all comes down to arrogance about your own platform. In Nokia's case that was Symbian.
What reasons are there to cause one to want to generate a new key instead of reusing the old one?
For the same reasons that you would rotate passwords. It is just a precaution in case it accidentally was leaked. When changing certificate anyway there is no inconvenience to the users from replacing the key, so you might as well replace it. It would for example help a bit in case an old backup of the webserver had been leaked. The difference in security is minor though, there are much greater threats from insecure CAs.
You're one of my 3 favorite lawyers, the other two being the lady who handled my divorce and the man who handled my bankruptcy.
Great that you found good people to handle those important things.
Maybe to you 4channers it is, troll, but NYCL is well known and greatly respected here at slashdot. So go back to reddit and leave us grownups alone.
Thanks, bro
The Tao is like a glob pattern: used but never used up. It is like the extern void: filled with infinite possibilities.