Linked by Thom Holwerda on Thu 21st Nov 2013 23:46 UTC
Internet & Networking

"We can end government censorship in a decade," Schmidt said during a speech in Washington. "The solution to government surveillance is to encrypt everything."

Setting aside the entertaining aspect of the source of said statement, I don't think encryption in and of itself is enough. Encryption performed by companies is useless, since we know by now that companies - US or otherwise - are more than eager to bend over backwards to please their governments.

What we need is encryption that we perform ourselves, so that neither governments nor companies are involved. I imagine some sort of box between your home network and the internet, that encrypts and decrypts everything, regardless of source or destination. This box obviously needs to run open source software, otherwise we'd be right back where we started.

Is something like that even possible?

Thread beginning with comment 577398
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Comment by pcunite
by WereCatf on Sun 24th Nov 2013 16:31 UTC in reply to "RE[2]: Comment by pcunite"
WereCatf
Member since:
2006-02-15

Their terrible support for self signed certificates makes it a continuous pain to use HTTPS on embedded devices


I don't know what you're talking about, it works the same on my mobile as it does on the desktop: you get a screen that warns about a non-CA-signed certificate and then you can either go away or allow that certificate.

From a policy point of view, HTTPS connections to unverified peers is not less secure than plain HTTP, and would have the additional benefit of defeating passive surveillance techniques. Unfortunately, HTTPS implementations such as mozilla's have precluded the possibility of enabling HTTPS _everywhere_,


I'm going to have to ask you what would you prefer then? If browsers just automatically accepted all certificates regardless of where or by whom they were signed you'd just immediately render most of the points for using HTTPS in the first place moot as it'd be utterly ridiculously easy to just do a MITM and redirect the traffic elsewhere. It would still be passive surveillance at that point, no better than now.

Reply Parent Score: 3

RE[4]: Comment by pcunite
by Alfman on Sun 24th Nov 2013 18:52 in reply to "RE[3]: Comment by pcunite"
Alfman Member since:
2011-01-28

WereCatf

"I don't know what you're talking about, it works the same on my mobile as it does on the desktop: you get a screen that warns about a non-CA-signed certificate and then you can either go away or allow that certificate."

Maybe they improved it then because it used to take many annoyingly useless clicks and screens to get through to the site. I was using a plugin to make it show an unambiguous & detailed warning and let me through with a click and no other hassles to connect. Mozilla's forums was full of others who thought the same thing, so it wasn't isolated. I'll need to reinstall FF without plugins to see what they changed.


"I'm going to have to ask you what would you prefer then?"

I guess it depends on how we feel about widespread deployment of HTTPS instead of HTTP. Those who support the idea of using self signed certificates over plain text HTTP will probably want self signed HTTPS websites to work the way HTTP does today.

Unfortunately the problem with this is that the CA's themselves have already fragmented HTTPS between cheap "instant certs" and premium "EV certs", and the browsers have already de-emphasize normal certs to look like HTTP.


"If browsers just automatically accepted all certificates regardless of where or by whom they were signed you'd just immediately render most of the points for using HTTPS in the first place"

I know what you are saying, however the goal isn't strictly to 'accept all certificates', it's to transition from a norm where everything is clear text to one which enables encryption to all websites. This would be easy to do had HTTPs evolved differently, such as a simple way to enable encryption without certificates. But now we are here and these are the standards that we have to work with, what would you propose?


"it'd be utterly ridiculously easy to just do a MITM and redirect the traffic elsewhere. It would still be passive surveillance at that point, no better than now."

This is active surveillance. It means you have to modify traffic, which means it's detectable, at least by experts and out of band verification. Passive surveillance like wire tapping gives spies an undetectable read-only tap from the network.

Consider that one can conduct blanket passive surveillance without much risk of getting caught. Active surveillance requires not only more resources to impersonate servers, but also leaks evidence that it's happening.

Reply Parent Score: 2