[nSLUG] Wikipedia changes/limits protocols?

TimJ tjllml at timweb.ca
Thu Jul 16 09:40:01 ADT 2015


Hi Mike,

It wont fix the underlying problem, but have you searched for SSL in
Firefox's about:config? You may find an option you can turn on to get WP
working. You might try using the output of ssllabs.com that Dan mentioned
to see if you have an option that you can turn on.

You may also want to test what is currently accepted by your browser by
going to https://cc.dcsec.uni-hannover.de/

TimJ

>
> Following up to myself:
>
> George N. White III wrote:
>
>> If you only encrypt traffic to one site that tells an eavesdropper
>> something about your activities.
>>
>> If all internet traffic is strongly encrypted that makes it harder
>> for eavesdroppers to identify "interesting" traffic.
>
> which is just what Bruce Schneier wrote in his 15 July '15 Crypto-gram
> newlstter:
>
>     Encryption should be enabled for everything by default, not a
>     feature you turn on only if you're doing something you consider
>     worth protecting.
>
>     This is important. If we only use encryption when we're working
>     with important data, then encryption signals that data's
>     importance. If only dissidents use encryption in a country, that
>     country's authorities have an easy way of identifying them. But if
>     everyone uses it all of the time, encryption ceases to be a
>     signal. No one can distinguish simple chatting from deeply private
>     conversation. The government can't tell the dissidents from the
>     rest of the population. Every time you use encryption, you're
>     protecting someone who needs to use it to stay alive.
>
> The thing is, I may be more paranoid than Schneier, or at least less
> trusting.
>
> I'm not smart enough to verify the crypto math nor to to write bullet
> proof code that implements it.  But I'm more or less willing to trust
> the individual code hackers -- natural persons -- who are smarter than
> I am.  I can infer their trustworthiness -- street cred -- from
> various public info.  Sometimes I know people who know people whow
> know the coders. I can look at who uses and who critiques the
> software. I can read the RFCs. Other stuff like that....that's what
> people do about trusting people.
>
> But I can't bring myself to trust large corporate (for loose
> definitions of "corporate") entities whose activities or products are
> generated by huge teams, managed by, well, you know, managers and
> executives with an eye on shareholder value, bottom line and
> survival in the political arena.
>
> And the crypto in HTTPS appears to me (am I wrong?) to depened on
> impenetrable browser code and a (too?) widely distributed mare's nest
> of authentication of just that sort of origin.
>
>
> Well, I'm blundering pretty far off the list topic.  Better shut up
> until I've done a lot more reading.
>
> ObLinux: Still don't know why FF did one thing repeatedly and failed
> one night, did a whole different thing and succeeded the next.
>
>
> - Mike
>
> --
> Michael Spencer                  Nova Scotia, Canada       .~.
>                                                            /V\
> mspencer at tallships.ca                                     /( )\
> http://home.tallships.ca/mspencer/                        ^^-^^
>
>
> _______________________________________________
> nSLUG mailing list
> nSLUG at nslug.ns.ca
> http://nslug.ns.ca/mailman/listinfo/nslug
>




More information about the nSLUG mailing list