Linked by Thom Holwerda on Thu 21st Nov 2013 23:46 UTC
Internet & Networking

"We can end government censorship in a decade," Schmidt said during a speech in Washington. "The solution to government surveillance is to encrypt everything."

Setting aside the entertaining aspect of the source of said statement, I don't think encryption in and of itself is enough. Encryption performed by companies is useless, since we know by now that companies - US or otherwise - are more than eager to bend over backwards to please their governments.

What we need is encryption that we perform ourselves, so that neither governments nor companies are involved. I imagine some sort of box between your home network and the internet, that encrypts and decrypts everything, regardless of source or destination. This box obviously needs to run open source software, otherwise we'd be right back where we started.

Is something like that even possible?

Permalink for comment 577405
To read all comments associated with this story, please click here.
RE[6]: Comment by pcunite
by Lennie on Sun 24th Nov 2013 20:56 UTC in reply to "RE[5]: Comment by pcunite"
Lennie
Member since:
2007-09-22

So I work at a hosting provider. RapidSSL from GeoTrust and EssentialSSL from Comodo are really 10 and 13 euros (a little over 13 and 17,5 dollars).

StartSSL is cool. But selling free certs to customers feels a bit weird. ;-) Also the free certs display an email address in the cert-name, they call it a 'personal cert' (slightly unusual, but works).

StartSSL is cool because they do things like: if you certify your organization you can get unlimited certs for all your domains. Including SAN/UCC and wildcard.

That is 118 dollars for 2 years of free certs.

Governments yes, lots of fun there too. Look up the CNNIC controversy. There are over 1500 CAs that your browser trusts (indirectly) says the SSL observatory.

Do YOU trust them ? All of them ? ;-)

Anyway, summary, always remember: certs is a race to the bottom. EV-certs only exist because the normal certificates became only domain verified certs. They used to be validated like the EV-certs are now.

Reply Parent Score: 2