[liberationtech] Firesheep: Making the Complicated Trivial
Uncle "The Dod" Zzzen
unclezzzen at gmail.com
Sat Oct 30 06:20:27 PDT 2010
Thanks, Chris, for your elaborate response.
I stand corrected.
On Fri, 2010-10-29 at 11:50 -0700, Chris Palmer wrote:
> Even active man-in-the-middle attacks are cheap and easy enough to be
> funny pranks:
Thanks for opening my eyes regarding these threats. Like you say in your
presentation "if you're not a wolf, you're a sheep". I guess I have a
lot of catching up to do here.
> I'd rather we spent our time improving the usability of HTTPS than on
> developing a mechanisms which completely punts on usability while also
> not providing end-to-end security.
>
> http://docs.google.com/present/view?id=df9sn445_206ff3kn9gs
Still going through it, but I see that it deals with the problems that I
have with ssl. Your presentation - of course - shows the interests of
all parties involved - and not only mine (as a deployer).
I hope your TOFU/POP project succeeds, because at the moment - the only
solution for any web site that requires admin interface would be to
either buy a certificate (expensive for us in the 3rd world) or move to
google, which would make it "the internet".
Thanks again for your time,
The Dod
More information about the liberationtech
mailing list