| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Sep 2010 21:12:13 +0200 From: Christian Sciberras <uuf6429@...il.com> To: BMF <badmotherfsckr@...il.com> Cc: Full Disclosure <full-disclosure@...ts.grok.org.uk> Subject: Re: [GOATSE SECURITY] Clench: Goatse's way to say "screw you" to certificate authorities We want a certain X people from a certain X chan dictating how some X software is fully trusted and can run on my computer. Call me paranoid, but I stick to the #1 rule of never ever trusting the public. I'd rather have a company pay some good bucks to get their hands on a highly trusted certificate than kids who's aim in life is wiping as much hard disks as possible. Which also answers why those $10-$20 assholes does a better job than the kids we all know about... On Wed, Sep 8, 2010 at 8:56 PM, BMF <badmotherfsckr@...il.com> wrote: > On Wed, Sep 8, 2010 at 9:24 AM, Andrew Auernheimer <gluttony@...il.com> wrote: >> un-tl;dr abstract: SSL is broken. Certificate authorities only exist >> to let the US, Chinese, Turkish, Brazilian etc etc government or >> Russian mob spy on you (whichever is interested first). Well, I guess >> they also exist to line the pockets of assholes who want $10-50 for >> pushing a button. > > Amen. This is why we should use and support web of trust style systems. > > CA Cert for SSL. > > GPG for most other things. > > BMF > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists