[liberationtech] Idiocy is a warning shot to people browsing the internet insecurely.

[Moxie Marlinspike]

You could easily modify sslstrip to do this (in effect making it
sslstrict), but an attacker running the real sslstrip on the same
network would not be affected and would be able to intercept credentials
as usual.

- moxie

-- 
http://www.thoughtcrime.org

On 11/06/2010 12:24 PM, Frank Corrigan wrote:
> It would be useful if websites followed the the likes of gmail and now
> fastmail.fm by ensuring HTTPS is enabled by default.
> 
> Public redirection to HTTPS?
> -----------------------------
> 
> Does anyone think it would be a good idea if open WiFi providers like
> McDonalds/Coffee Shops gave users pop up messages when they visit
> popular sites suggesting they use HTTPS, for the likes of facebook, ebay
> and twitter? Or could local Public WiFi routers enforce a strict HTTPS
> redirect, similar to how EFF's HTTPS Everywhere FireFox add-on works?
> This could be good PR and might have a public education role. I am
> thinking of suggesting this to my local public library, but would
> welcome feedback before suggesting something that might also have risks.
> 
> Firesheep usage leads to Idiocy
> http://news.netcraft.com/archives/2010/10/26/firesheep-usage-leads-to-idiocy.html
> about:
> http://jonty.co.uk/idiocy
> Via: http://codebutler.com/firesheep-a-week-later-idiot-shepherds?c=1
> 
> Thanks
> Frank
> 
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
> 
> Should you need to change your subscription options, please go to:
> 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
> 
> You will need the user name and password you receive from the list moderator in monthly reminders.
> 
> Should you need immediate assistance, please contact the list moderator.
>