[GNU/consensus] Why support "Reset the Net" ? I don't get it

consensus

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNU/consensus] Why support "Reset the Net" ? I don't get it

From:	carlo von lynX
Subject:	[GNU/consensus] Why support "Reset the Net" ? I don't get it
Date:	Wed, 7 May 2014 09:23:17 +0200
User-agent:	Mutt/1.5.20 (2009-06-14)

Heya.. I saw the FSF logo on the
https://www.resetthenet.org page.

Yet the things the page recommends are band-aids.
If it was that simple we could have done such a
campaign the same day the revelations came out.

- 1st of all, the main problem is mail and chat,
  so you don't solve that by HSTS

- The recommended solutions for mail and chat
  are obnoxious for normal users to install and
  will be obsolete in a year or so, since no-one
  should stick to mail and chat that does not
  protect the social graph "meta" data.

- The idea that all HTTP sites should upgrade
  to HTTPS, without at least convincing one CA
  to hand out free *.domain certificates, is just
  an amazing promotional campaign for the CA industry.

- HSTS is the greatest of all band-aids, much weaker
  than DANE, still if you use it wrong you condemn
  yourself to buying certificates for potentially a
  veeery long time. Would be better to go for the
  less bad band-aid: DANE.

- Would be better if the web browsers were supporting
  proper pinning of self-signed certificates. Or
  supporting cacert.org so people can reasonably get
  free certs. They can show the sites with a yellow
  box instead of a green one (if Mozilla thinks cacert
  is less safe, which in the current situation is a
  ridiculous assertion anyway), but leaving the web in
  a state of utter brokenness is sick.

- Would be better to fix the scalability of Tor hidden
  services so we can use .onion instead of the broken
  HTTPS thing. Or if that doesn't work, use GNUnet for
  the "light web"

- Would be better to deploy opportunistic forward
  secrecy implemented in JS over HTTP (naif has been
  working on that)

- Would be better if campaign websites weren't themselves
  collecting personal data before even saying anything
  (the first thing it shows is a prompt to drop your
  e-mail into a box.. very reassuring).

So I don't see the point in a superficial campagin that
doesn't actually fix anything about the status quo, instead
it is likely to foster further damage by not offering long-term
solutions.

If you think this makes sense, please forward it to the 
appropriate people in the FSF and other listed organizations.

Best,

-- 
            http://youbroketheinternet.org
 ircs://psyced.org/youbroketheinternet

[Prev in Thread]

Current Thread

[Next in Thread]

[GNU/consensus] Why support "Reset the Net" ? I don't get it, carlo von lynX <=
- Re: [GNU/consensus] [SocialSwarm-D] Why support "Reset the Net" ? I don't get it, Michael Rogers, 2014/05/07
  - Re: [GNU/consensus] [SocialSwarm-D] Why support "Reset the Net" ? I don't get it, carlo von lynX, 2014/05/07
    - Re: [GNU/consensus] [SocialSwarm-D] Why support "Reset the Net" ? I don't get it, Michael Rogers, 2014/05/07
    - Re: [GNU/consensus] [SocialSwarm-D] Why support "Reset the Net" ? I don't get it, carlo von lynX, 2014/05/07
    - Re: [GNU/consensus] [SocialSwarm-D] Why support "Reset the Net" ? I don't get it, Andreas Kuckartz, 2014/05/07

Next by Date: Re: [GNU/consensus] [SocialSwarm-D] Why support "Reset the Net" ? I don't get it
Next by thread: Re: [GNU/consensus] [SocialSwarm-D] Why support "Reset the Net" ? I don't get it
Index(es):
- Date
- Thread