[ rss / options / help ]
post ]
[ b / iq / g / zoo ] [ e / news / lab ] [ v / nom / pol / eco / emo / 101 / shed ]
[ art / A / beat / boo / com / fat / job / lit / map / mph / poof / £$€¥ / spo / uhu / uni / x / y ] [ * | sfw | o ]
logo
sheds

Return ] Entire Thread ] Last 50 posts ]

Posting mode: Reply [Last 50 posts]
Reply ]
Subject   (reply to 10933)
Message
File  []
close
horse.jpg
109331093310933
>> ID: e36cd9 No. 10933 Anonymous
1st August 2013
Thursday 6:29 pm

ID: e36cd9
10933 HTTPS
Please make .gs use HTTPS so the three/four letter agencies have it a little more difficult.
32 posts omitted. Last 50 posts shown. Expand all images.
>> ID: 01adac No. 11779 Anonymous
17th July 2014
Thursday 3:55 pm

ID: 01adac
11779 spacer
>>11778
Some ISPs may inject shit into unencrypted traffic.
Also, if I understand it correctly, will prevent peeping on what exactly you have been peeping here.
>> ID: f3a7c4 No. 11780 Anonymous
17th July 2014
Thursday 7:24 pm

ID: f3a7c4
11780 spacer
>>11778

Not having HTTPS is a security and privacy risk on untrusted local networks (coffee shops, pubs, trains, work, etc), even if you don't care about giving two fingers to the TLAs.
>> ID: 046dd8 No. 11781 Anonymous
17th July 2014
Thursday 7:35 pm

ID: 046dd8
11781 spacer
>>11780
Bear in mind they're the same sort of networks that are likely to do blanket MITM on your SSL.
>> ID: 70f5da No. 11782 Anonymous
17th July 2014
Thursday 7:48 pm

ID: 70f5da
11782 spacer
>>11781

Unless you're a moron or they've persuaded someone to sell them a root certificate, you should be alright.
>> ID: 046dd8 No. 11783 Anonymous
17th July 2014
Thursday 7:55 pm

ID: 046dd8
11783 spacer
>>11782
You do know this is a fairly standard feature in off-the-shelf gateway and filtering products, right?
>> ID: f41327 No. 11784 Anonymous
17th July 2014
Thursday 9:01 pm

ID: f41327
11784 spacer
>>11782
Oh fuck off you tedious cocksucker. Cunt. I hope you get buggered by a pack of rabid rats.
>> ID: 6ee5b7 No. 13349 Anonymous
3rd October 2015
Saturday 2:39 pm

ID: 6ee5b7
13349 spacer
Can we have HTTPS now please?
>> ID: 7176e4 No. 13350 Anonymous
3rd October 2015
Saturday 8:21 pm

ID: 7176e4
13350 spacer
When it's free and basically minimal effort (https://letsencrypt.org/) perhaps?
>> ID: cad2c7 No. 13351 Anonymous
4th October 2015
Sunday 9:56 pm

ID: cad2c7
13351 spacer
Why do you lot even care? If someone at a cafe sees you shitposting here, so what?

If it's because of the three/four letter agencies, they can own any widely used SSL for sure.
>> ID: 67740c No. 13360 Anonymous
9th October 2015
Friday 4:00 pm

ID: 67740c
13360 spacer
>>13351
Malicious Wi-Fi hotspots that inject shite into unencrypted traffic, maybe.

Sage thoroughly checked because I don't know if this applies to Blighty.
>> ID: b3edc1 No. 13361 Anonymous
9th October 2015
Friday 4:09 pm

ID: b3edc1
13361 spacer
>>13360

Things like Quantum Insert just wouldn't work if every site on the internet used SSL. Even if you had the private key of every SSL provider on the internet, that'd only really help you to crack encrypted traffic later on (and that's only if they're not using PFS, which they should be) - certainly the extra latency involved in calculating SSL on the fly would almost certainly push the timings needed for QI type attacks into the realm of the very improbable.

> Sage thoroughly checked because I don't know if this applies to Blighty.

>>13351

> they can own any widely used SSL for sure

It's ok, I'm pretty sure he doesn't know very much about blighty either.

Sage checked for rampant foreigner-hating and baiting.
>> ID: 5b36c0 No. 13362 Anonymous
9th October 2015
Friday 5:09 pm

ID: 5b36c0
13362 spacer
>>13361

>Things like Quantum Insert just wouldn't work if every site on the internet used SSL.

Not if a trusted Certificate Authority is compromised.

https://en.wikipedia.org/wiki/Certificate_authority#CA_compromise
>> ID: 3fc11c No. 13363 Anonymous
9th October 2015
Friday 5:36 pm

ID: 3fc11c
13363 spacer
>>13362
Or, more worryingly, one willingly compromises itself.
>> ID: b3edc1 No. 13364 Anonymous
9th October 2015
Friday 5:58 pm

ID: b3edc1
13364 spacer
>>13362

PFS and certificate pinning, sir.
>> ID: 382f43 No. 13402 Anonymous
5th November 2015
Thursday 11:23 am

ID: 382f43
13402 spacer
The Govt making all unencrypted traffic light reading for your local council's IT department is surely the impetus we need to implement this.

IRC supports SSL, so why not allow encryption on .gs?
>> ID: bb677d No. 13403 Anonymous
5th November 2015
Thursday 12:18 pm

ID: bb677d
13403 spacer

tmp_30854-1376560-goeb11292680807.jpg
134031340313403
>>13402
If you've got nothing to hide, you've got nothing to fear, m7.
>> ID: 382f43 No. 13404 Anonymous
5th November 2015
Thursday 1:01 pm

ID: 382f43
13404 spacer
>>13403

Jokes aside, this is a pretty serious invasion of privacy.

Expressing you opinion anonymously is something this site enshrines. We need HTTPS now for that to remain true.
>> ID: 18b6a9 No. 13405 Anonymous
5th November 2015
Thursday 5:26 pm

ID: 18b6a9
13405 spacer
>>13404

We've needed it for years, but the admin team has never been able (or willing?) to provide it. With Let's Encrypt it should now be a relatively straightforward affair - providing the admin team doesn't make a dog's dinner out of it and sets PFS up properly. Providing that is done I'll put myself up for writing a short guide on how to do certificate pinning correctly so that anyone who wants to use this site as securely as possible will be able to.
>> ID: ae830e No. 13406 Anonymous
5th November 2015
Thursday 5:28 pm

ID: ae830e
13406 spacer
>>13405
The Admin team is nonexistent. purple left the website in the hands of one of the teenagers and nothing really will ever get done on this site anymore. It's a shame, it used to be quite fun.
>> ID: 270409 No. 13407 Anonymous
5th November 2015
Thursday 8:20 pm

ID: 270409
13407 spacer
>>13406
Don't be a cock I read every day.

I've actually changed my mind on the issue - >>13402 is right, this latest change in the law does make me very minded to encrypt a lot more.
>> ID: 5b36c0 No. 13408 Anonymous
5th November 2015
Thursday 8:55 pm

ID: 5b36c0
13408 spacer
>>13407

For users:

https://www.eff.org/Https-everywhere

For admins:

https://community.letsencrypt.org/t/beta-program-announcements/1631
>> ID: a8bb14 No. 13409 Anonymous
5th November 2015
Thursday 9:08 pm

ID: a8bb14
13409 spacer
>>13408
Let's Encrypt doesn't support nginx.
>> ID: bc3137 No. 13410 Anonymous
5th November 2015
Thursday 9:38 pm

ID: bc3137
13410 spacer
>>13409
Pound works pretty well for adding an SSL layer and has a fairly low admin overhead.
>> ID: 26307d No. 13411 Anonymous
5th November 2015
Thursday 10:51 pm

ID: 26307d
13411 spacer
>>10933
Surely if someone packet sniffs the entire conversation on https, they would be able to decrypt the traffic?
>> ID: 5b36c0 No. 13412 Anonymous
6th November 2015
Friday 12:56 am

ID: 5b36c0
13412 spacer
>>13411

No. The whole point of HTTPS is that it allows a secure session to be established over an insecure channel. If the client, server and certificate authority are trustworthy then the session is (in theory) perfectly secure.

HTTPS has a vital role to play in reducing the reach of surveillance, which is why Lets Encrypt is such an important project. The NSA and YMCA have spent close to a billion dollars attempting to undermine HTTPS and other cryptosystems, with only shape-shifting reptilianest success. The techies are outpacing the spooks.

https://en.wikipedia.org/wiki/Bullrun_(decryption_program)
>> ID: 2c0227 No. 13413 Anonymous
6th November 2015
Friday 2:11 am

ID: 2c0227
13413 spacer
>>13412
>The techies are outpacing the spooks.

I suspect that we only hear half of what they are capable of. All the typical "black" projects in othe defence sectors (you know, like all the skunkworks stuff) aren't admitted about for years. How long did they keep the stealth bomber a secret for? I imagine it's much the same with whatever vile electronic glass against our wall they are using.
>> ID: d93338 No. 13414 Anonymous
6th November 2015
Friday 9:30 am

ID: d93338
13414 spacer
>>13412
>YMCA have spent close to a billion dollars attempting to undermine HTTPS and other cryptosystems
It was only a matter of time...
>> ID: 39d1fc No. 13540 Anonymous
12th December 2015
Saturday 8:40 pm

ID: 39d1fc
13540 spacer
>>13409

You no longer need to use the Let's Encrypt client as this site allows you to just get the certificate and do the installation and setup manually.

https://gethttpsforfree.com/
>> ID: 270409 No. 13542 Anonymous
13th December 2015
Sunday 10:49 am

ID: 270409
13542 spacer
>>13540
That's interesting. I managed to get on the Lets Encrypt beta list, but there were two issues - they're currently rotating certificates every six to eight weeks, which is boring and they wanted to publish my email address, which is also tedious.
>> ID: 5b8399 No. 13814 Anonymous
27th June 2016
Monday 4:26 am

ID: 5b8399
13814 spacer
>>13542

Any updates on this modlads? It's been another six months. I guess I'll have another dig around and see if things are any easier than they were then, although I'd hope they are.

While I'm here (and because there's no Sheds General thread), I noticed that the geofag for Brazil is 'Nutfag', which while a clever play on Brazil Nuts, isn't really all that funny. I humbly offer up the following alternatives:

Coconut
Dilmafag
HUeHUe
Zikafag
Sextourist

I also look forward to hearing any other suggestions our users may have.

No sage because I want to bump this onto the first page of /shed/
>> ID: 894a44 No. 13815 Anonymous
27th June 2016
Monday 10:46 am

ID: 894a44
13815 spacer
This thread was an amusing read, I think I just avoided it in the past because I don't even know what http means.

What does https do? And what is robots.txt? I've seen the little fucker pop up a lot but I don't know what it is or why it's so named.
>> ID: 5b36c0 No. 13816 Anonymous
27th June 2016
Monday 11:24 am

ID: 5b36c0
13816 spacer
>>13815

HTTP stands for Hyper-Text Transfer Protocol. It's the system used to send webpages and other data from web servers to your computer. The S in HTTPS stands for "secure". HTTPS adds a layer of encryption to HTTP, preventing the data from being intercepted by an eavesdropper. It is essential for things like online shopping and banking, but there is a movement to make it standard on all websites. This movement has been accelerated by the Snowden revelations.

Robots.txt is a standard system for web servers to communicate with automated systems like search engines. It can be used to declare certain files or folders as off-limits to automated systems, or to request that they only access files at a certain rate. It is purely advisory, but systems that ignore the robots.txt can be assumed to be malicious and automatically blocked by a firewall. It's normally used to stop irrelevant things from cluttering up search engine listings, or to stop search engines from battering a server with too many requests.
>> ID: 1fcd65 No. 13817 Anonymous
27th June 2016
Monday 12:00 pm

ID: 1fcd65
13817 spacer

n1 m8 gs wont no wot hit it.jpg
138171381713817
Why bother? There's nothing of security interest here. If Spooks In Specs, Gigantic Crania Hacking Quietly or Mission Impossible 5 decide they'd like a poke around some corner of the domestic internet I strongly doubt even .gs' legendary webmaster could keep them at bay.

I'm not advancing the 'nothing to hide, nothing to fear' trope, just saying it's a bit of a pointless concern. Like investing in a sturdier umbrella to protect against meteorite strikes you don't need it and it wouldn't work if you did. Must say I love the image of some whizzkid locked away in the Doughnut trawling through /iq/ and trying not to snigger.
>> ID: 165961 No. 13818 Anonymous
27th June 2016
Monday 12:17 pm

ID: 165961
13818 spacer
>>13817
>There's nothing of security interest here.
That's the point.
>> ID: 5b36c0 No. 13819 Anonymous
27th June 2016
Monday 1:06 pm

ID: 5b36c0
13819 spacer
>>13817

>Must say I love the image of some whizzkid locked away in the Doughnut trawling through /iq/ and trying not to snigger.

It's not about people, it's about algorithms. HTTPS thwarts the bulk collection and analysis of intercepted data. It forces the spooks to work for their intel, rather than getting an instant picture of who you are, who you know and what you think just by searching for your name in a database.

If you're a target then you're fucked, but good data hygiene can stop you from becoming a target, it can stop you from getting swept up in a dragnet.
>> ID: 1fcd65 No. 13820 Anonymous
27th June 2016
Monday 3:21 pm

ID: 1fcd65
13820 spacer
>>13819
What exactly would I be 'targeted' for?
>> ID: 5b36c0 No. 13821 Anonymous
27th June 2016
Monday 3:44 pm

ID: 5b36c0
13821 spacer
>>13820

Damned near anything that the government considers suspicious. Socialising with the wrong people, visiting the wrong website, signing the wrong petition, travelling to the wrong country, exceeding an arbitrary threshold on some nebulous "risk algorithm" based on your browsing history and the content of your e-mails.

Back in the '70s, my dad had an MI5 file because he was a Student Union rep. Special Branch put me under surveillance because I was involved in the Stop The War Coalition. A photographer friend of mine had a "friendly visit" from SO15 because he was spotted taking photos near the Thames Barrier. Given the scale of their resources today, I expect that GCHQ are monitoring a vast number of people.

I know for a fact that this post has been intercepted and logged by GCHQ, and that the keywords in it will increase the risk score associated with my IP address. I doubt that any human being will ever read it, but I know that it's part of the intelligence profile being constructed about me. If I raise enough red flags, an intelligence analyst will have a good rummage through the collected data to see if I'm a wrong'un.
>> ID: 4ac578 No. 13822 Anonymous
27th June 2016
Monday 3:48 pm

ID: 4ac578
13822 spacer
>>13821
>Back in the '70s, my dad had an MI5 file because he was a Student Union rep. Special Branch put me under surveillance because I was involved in the Stop The War Coalition.
And you know this because...?
>> ID: 165961 No. 13823 Anonymous
27th June 2016
Monday 3:54 pm

ID: 165961
13823 spacer
>>13820
Well for a start you've just posted in an imageboard thread about encryption and GCHQ.

Less facetiously, look at it like this: You lock your door when you leave for work. You're not a criminal, but presumably you're not going to leave a spare key with the police just in case they want to take a look around.
>> ID: 05109d No. 13824 Anonymous
27th June 2016
Monday 4:13 pm

ID: 05109d
13824 spacer
>>13823
This is more like asking your landlord to install an alarm system.
>> ID: 21e20c No. 13825 Anonymous
27th June 2016
Monday 4:18 pm

ID: 21e20c
13825 spacer
>>13823
Jews, Allah, Mohammed, IRA, Republican, Fertiliser, Jet fuel can't melt steel beams.
>> ID: 4ac578 No. 13826 Anonymous
27th June 2016
Monday 4:24 pm

ID: 4ac578
13826 spacer
>>13824
It's actually more like when you stumble home from the pub, pissed, but then get to the door and find you've left your keys on the bar, so you try and climb over the garden fence so you can get to the shed and get a ladder to go through the bedroom window you left open, but you kick over some paint cans and wake up your neighbour, and they ring the rozzers who come and spend an hour questioning you before they leave, and then when you wake up in the morning you find you've shat yourself.
>> ID: 5b36c0 No. 13827 Anonymous
27th June 2016
Monday 4:29 pm

ID: 5b36c0
13827 spacer
>>13822

My father learned of the existence of his file the late 90s, after an investigation and legal challenge by Liberty. If memory serves, the matter was precipitated by the Shayler affair.

My own surveillance was overt, I suspect because it was primarily intended to intimidate me. The officers tasked with monitoring me introduced themselves to my friends, neighbours and colleagues. They were gathering intelligence, but they were also sending a clear message. Overt surveillance is a common tactic in the policing of protest and civil disobedience, the most common form being the Met's use of Forward Intelligence Teams.

https://en.wikipedia.org/wiki/Forward_Intelligence_Team
>> ID: 818452 No. 13828 Anonymous
27th June 2016
Monday 4:31 pm

ID: 818452
13828 spacer
My parents had some overt surveillance too, back in the 70s. It clearly worked because they stopped going to protests and settled down into normal lives and even went as far as to tell me about it as a scare story.
>> ID: e62a57 No. 13829 Anonymous
27th June 2016
Monday 7:09 pm

ID: e62a57
13829 spacer
>>13821
Why the fuck do they care about people protesting war? Where's the security threat there?
>> ID: 5b36c0 No. 13830 Anonymous
27th June 2016
Monday 8:00 pm

ID: 5b36c0
13830 spacer
>>13829

Anything that threatens or inconveniences the government is regarded as a security threat. Environmentalism, animal and human rights, pacifism, you name it. There are a web of secretive organisations whose sole function is to infiltrate and undermine political activist groups.

https://en.wikipedia.org/wiki/National_Public_Order_Intelligence_Unit

The family of Stephen Lawrence were put under surveillance by the Met. An undercover officer was tasked with smearing the family to damage the credibility of their campaign.

https://en.wikipedia.org/wiki/Murder_of_Stephen_Lawrence#Revelations_about_undercover_police_conduct_.282013.29

When the undercover officer Mark Kennedy secretly recorded evidence that would have exonerated six environmental protesters, the Met buried the evidence. Over the course of seven years undercover, Kennedy provided intelligence to the police forces of 22 countries.

https://www.theguardian.com/uk/2011/jun/07/mark-kennedy-police-spy-secret-tapes
https://en.wikipedia.org/wiki/Mark_Kennedy_(police_officer)

There's no ethics here, no honour. They'll do whatever they think they can get away with. Christ knows what SIS get up to under cover of the Official Secrets Act.
>> ID: 165961 No. 13831 Anonymous
27th June 2016
Monday 8:05 pm

ID: 165961
13831 spacer
>>13829
It's an indirect threat. It may prevent action to thwart direct threats elsewhere. See Syria, for example. Protests against engagement persuaded the pollies to prevent us from going in, and the net result was ISIS taking over half the place.[oversimplification]
>> ID: 5e6338 No. 14231 Anonymous
27th July 2017
Thursday 7:29 am

ID: 5e6338
14231 spacer
Hello.

https://doesmysiteneedhttps.com/
>> ID: ec74d0 No. 14232 Anonymous
31st July 2017
Monday 6:12 pm

ID: ec74d0
14232 spacer
Sorry about that lads.
>> ID: cffd41 No. 14280 Anonymous
11th August 2017
Friday 2:00 pm

ID: cffd41
14280 spacer
I'll be setting up LetsEncrypt and HTTPS in advance of the October deadline from the Google Chrome team - at that point, any site that is submitting forms and suchlike will get an insecure content warning, which would be quite boring.

Return ] Entire Thread ] Last 50 posts ]
whiteline

Delete Post []
Password