Internet to Tunisia
On Tuesday 11 January 2011 14:58:51 Marshall Eubanks wrote:
>
> On twitter right now there are frequent claims that all https is blocked
> (presumably a port blocking).
A quick search pulls up.
http://www.cpj.org/internet/2011/01/tunisia-invades-censors-facebook-other-accounts.php
Since Gmail defaults to HTTPS, and many other sites left to their own devices,
it is necessary for an attacker to try and force clients to use HTTP or start
conversation using HTTP (so that no one notices when the important bit isn't
encrypted, or to enable JavaScript from a third party to be injected).
NoScript for Firefox has a force HTTPS for a domain feature.
http://noscript.net/faq#qa6_3
But what clients really need is a way for servers to say "always use
encryption".
http://noscript.net/faq#STS
Of course when it gets to the level of countries, it is quite plausible your
browser may already trust a certificate authority under their jurisdiction so
all bets are off.
I think I'm saying HTTPS doesn't quite hack it in browsers yet, but it will
be "secure enough" real soon now.
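
The "always use encryption" signal discussed above is the Strict-Transport-Security response header. As an added example (not part of the original message), this is a minimal client-side policy store showing how a browser that has seen the header once over HTTPS refuses to start later conversations over HTTP. The class and method names are hypothetical, and headers are assumed to arrive as a plain dict keyed by the exact header name.

```python
from urllib.parse import urlsplit, urlunsplit

class StsStore:
    """Minimal client-side store of hosts that asked for 'always use encryption'."""

    def __init__(self):
        self._hosts = {}  # host -> (expiry_time, include_subdomains)

    def note_response(self, url, headers, now):
        """Record a Strict-Transport-Security header; ignored unless seen over HTTPS."""
        parts = urlsplit(url)
        value = headers.get("Strict-Transport-Security")
        if parts.scheme != "https" or value is None:
            return False  # a header on plain HTTP could have been injected in transit
        max_age, include_sub = None, False
        for directive in value.split(";"):
            name, _, arg = directive.strip().partition("=")
            if name.lower() == "max-age":
                try:
                    max_age = int(arg.strip().strip('"'))
                except ValueError:
                    return False  # malformed policy is ignored
            elif name.lower() == "includesubdomains":
                include_sub = True
        if max_age is None:
            return False
        host = parts.hostname.lower()
        if max_age == 0:
            self._hosts.pop(host, None)  # max-age=0 tells the client to forget the policy
        else:
            self._hosts[host] = (now + max_age, include_sub)
        return True

    def rewrite(self, url, now):
        """Return the URL to fetch: http:// is upgraded to https:// for known hosts."""
        parts = urlsplit(url)
        if parts.scheme != "http" or not parts.hostname:
            return url
        host = parts.hostname.lower()
        labels = host.split(".")
        for i in range(len(labels)):
            # i == 0 is the exact host; parent domains count only with includeSubDomains
            entry = self._hosts.get(".".join(labels[i:]))
            if entry and entry[0] > now and (i == 0 or entry[1]):
                netloc = host if parts.port in (None, 80) else f"{host}:{parts.port}"
                return urlunsplit(("https", netloc, parts.path, parts.query, parts.fragment))
        return url
```

The very first visit to a host is still unprotected, because the store is empty until one response has been received over HTTPS.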