Linked by Thom Holwerda on Thu 21st Nov 2013 23:46 UTC
Internet & Networking

"We can end government censorship in a decade," Schmidt said during a speech in Washington. "The solution to government surveillance is to encrypt everything."

Setting aside the entertaining aspect of the source of said statement, I don't think encryption in and of itself is enough. Encryption performed by companies is useless, since we know by now that companies - US or otherwise - are more than eager to bend over backwards to please their governments.

What we need is encryption that we perform ourselves, so that neither governments nor companies are involved. I imagine some sort of box between your home network and the internet, that encrypts and decrypts everything, regardless of source or destination. This box obviously needs to run open source software, otherwise we'd be right back where we started.

Is something like that even possible?

Permalink for comment 577398
To read all comments associated with this story, please click here.
RE[3]: Comment by pcunite
by WereCatf on Sun 24th Nov 2013 16:31 UTC in reply to "RE[2]: Comment by pcunite"
Member since:

Their terrible support for self signed certificates makes it a continuous pain to use HTTPS on embedded devices

I don't know what you're talking about, it works the same on my mobile as it does on the desktop: you get a screen that warns about a non-CA-signed certificate and then you can either go away or allow that certificate.

From a policy point of view, HTTPS connections to unverified peers is not less secure than plain HTTP, and would have the additional benefit of defeating passive surveillance techniques. Unfortunately, HTTPS implementations such as mozilla's have precluded the possibility of enabling HTTPS _everywhere_,

I'm going to have to ask you what would you prefer then? If browsers just automatically accepted all certificates regardless of where or by whom they were signed you'd just immediately render most of the points for using HTTPS in the first place moot as it'd be utterly ridiculously easy to just do a MITM and redirect the traffic elsewhere. It would still be passive surveillance at that point, no better than now.

Reply Parent Score: 3