Show Navigation
Conversation
Notices
-
> HTTPS is Dangerous
via @bryanlunduke
https://hooktube.com/ZmlQoeEycPc
- https is annoying
- needs public key pairs
- certificates expire
- faking certificates is super easy
- SHA-1 & 2 isn't trustworthy (because NSA)
- SHA-3 has an NSA back door
- is too complex
- google favors https sites (this is a BAD)
- doesn't protect you from the website operator
- not secure, has backdoors, bugs
- is dangerous
- secure software doesn't exist
- delores repeated this.
-
@xj @bryanlunduke can we do a collab fedi effort to make something with i2p or gnunet or anything actually secure?
-
@xj @bryanlunduke i think DNS is kind of flawed in itself, i like the approaches where its completely removed and just p2p computers. simple, key exchanges