[Chapter-delegates] Reset the Net ... ?

Eric Burger eburger at standardstrack.com
Thu May 8 08:11:26 PDT 2014 

If one has a rogue or hacked root certificate operator (e.g., DigiNotar), all bets are off. You think you are talking with the endpoint, while you are happily talking to a device in the middle. 

Good news: random snoops in the network still cannot listen to your communications.
Bad news: sophisticated snoops playing man-in-the-middle get to listen to your communications, and 99.999% of users would have no clue. For the 0.001%, there are tools like https://addons.mozilla.org/en-us/firefox/addon/certificate-patrol/ available.

On May 8, 2014, at 9:30 AM, Jorma Mellin <jorma.mellin at tdc.fi> wrote:

> Hello all,
>  
> Have this initiative being considered carefully. I do support SSL but it does not secure the data when stored, only
> while being transported. People might get false security feeling if just relying on SSL/HTTPS. And transport is just one
> part of the puzzle.
>  
> Rgds,
> Jorma Mellin
> Finnish chapter
>  
> From: Chapter-delegates [mailto:chapter-delegates-bounces at elists.isoc.org] On Behalf Of Evan Leibovitch
> Sent: Wednesday, May 07, 2014 5:04 PM
> To: ISOC Chapter Delegates
> Subject: [Chapter-delegates] Reset the Net ... ?
>  
> Hello all,
>  
> I notice a new initiative, "Reset the Net", being launched.
>  
> Its aim is to get more websites to use HTTPS, and to encourage more end users to learn and use surveillance-resistant tools.
>  
> Central to the campaign is to declare June 5, the one year anniversary of the first Snowden-derived news leak, as "reset the net day". On that day, participating sites would sport an appropriate banner. The site is also collecting signatures for a "pledge" to implement resistant tools.
>  
> Current supporters include Greenpeace, the Free Software Foundation, Reddit, and about a dozen smaller orgs. Missing from the list is the EFF and especially ISOC and any chapters. I also have not heard mention of it here before,
>  
> Exclusion can be for one of a number of reasons, I'd like to know if any of these apply:
> 
> ISOC and/or chapters are not aware of the campaign (if so, now it is :-) )
> ISOC and/or chapters are aware of the campaign but do not agree with all its aims or tactics
> There are just too many of these unconnected campaigns (OpenStand, Necessary and Proportionate, etc) and they are losing their power because they all are starting to look the same
> ISOC is working on its own campaign along these lines
> Reset the Net is too US-specific (very NSA-specific, no translations)
>  
> Comments?
>  
> --
> Evan Leibovitch
> Canada Chapter
> _______________________________________________
> As an Internet Society Chapter Officer you are automatically subscribed
> to this list, which is regularly synchronized with the Internet Society
> Chapter Portal (AMS): https://portal.isoc.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://elists.isoc.org/mailman/private/chapter-delegates/attachments/20140508/d9eadd60/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://elists.isoc.org/mailman/private/chapter-delegates/attachments/20140508/d9eadd60/attachment.asc>

More information about the Chapter-delegates mailing list