[nSLUG] Wikipedia changes/limits protocols?
George N. White III
gnwiii at gmail.com
Tue Jul 14 07:47:48 ADT 2015
On Tue, Jul 14, 2015 at 2:02 AM, Mike Spencer <mspencer at tallships.ca> wrote:
> > No one should be using SSLv2 or 3, and ideally nothing TLS <1.2.
> I visit exactly one site where I care about encryption. I feel like
> I'm being carded buying a Coke at the corner store when Wikipedia
> forces me to upgrade to their idea of appropriate security.
Welcome to the modern internet. What used to be a playground for geeks
has become a lawless ghetto. What has been keeping most of us safe is
the abundant high-value low hanging fruit provided by government agencies
and banks. As more suits get a clue, bad guys will turn there attention to
smaller organizations and individuals.
There has been a lot of fuss over government eavesdropping, but these days
you have to assume that bad guys have as good or better capabilities.
Now we know that some bad guys have information they can use to blackmail
people with high-level clearances in the US.
If you only encrypt traffic to one site that tells an eavesdropper something
about your activities.
If all internet traffic is strongly encrypted that makes it harder for
to identify "interesting" traffic.
https also increases the chances that your are connected with the real
rather than some version your government created to hide articles they don't
like or that they consider to violate some rules.
I use the EFF's HTTPS Everywhere browser extension, and have noticed an
increase in transient glitches. A paranoid would think either a) someone
https to discourage wider adoption, or b) someone doing deep packet
and running into resource limits as the https traffic volumes increase.
> Michael Spencer Nova Scotia, Canada .~.
> mspencer at tallships.ca /( )\
> http://home.tallships.ca/mspencer/ ^^-^^
> nSLUG mailing list
> nSLUG at nslug.ns.ca
George N. White III <aa056 at chebucto.ns.ca>
Head of St. Margarets Bay, Nova Scotia
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nSLUG