On 19/01/11 18:42, John R. Dennison wrote:
> On Wed, Jan 19, 2011 at 10:33:59AM -0800, Mark wrote:
>> Let's talk about CentOS on this list, shall we?
>
> Presumably the OP is running firefox on CentOS. So... how it this
> not about CentOS?
>
>
You are kidding, right?
I do my accounts on CentOS - does that make this a suitable venue to
discuss my tax returns?
The SNR of this list is shocking and encouraging the above doesn't help
any. This thread is already 10 posts and contains not one single
relevant (to this list) piece of information.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
01-19-2011, 08:09 PM
Celejar
Let's talk about HTTPS Everywhere
On Wed, 19 Jan 2011 17:50:58 +0000 (UTC)
Camaleón <noelamac@gmail.com> wrote:
> On Wed, 19 Jan 2011 18:07:36 +0100, tv.debian@googlemail.com wrote:
...
> > It is not only the data enclosed inside the cookie which are at risk
> > here, but the entire session on the website you are logged in. Say you
> > log into your "friendface" account, and someone near your catch your
> > unencrypted session cookie, then he is YOU on YOUR "friendface"
> > account...
>
> That sounds like bad programming or a buggy site. There are methods to
> prevent such attacks on the server side that involves no encrypted
> sessions, but sometimes it is easier (and cheaper) for companies to rely
> on completely encrypted sessions and not implement another
> countermeasures.
I'm curious - how can one completely guard against a MITM attack
without using encryption?
Celejar
--
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110119160930.225f5f8b.celejar@gmail.com">http://lists.debian.org/20110119160930.225f5f8b.celejar@gmail.com
01-19-2011, 08:27 PM
Steve Flynn
Let's talk about HTTPS Everywhere
On Wed, Jan 19, 2011 at 6:34 PM, MR ZenWiz <mrzenwiz@gmail.com> wrote:
> On Wed, Jan 19, 2011 at 3:29 AM, S Mathias <smathias1972@yahoo.com> wrote:
>> Ok. It's a Firefox Add-on:
>>
>> https://www.eff.org/https-everywhere
>>
> And this has what, exactly, to do with Ubuntu?
Nothing other than it answers some of the OP's questions. By the way,
your quoting is incorrect/misleading.
--
Steve
When one person suffers from a delusion it is insanity. When many
people suffer from a delusion it is called religion.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
01-19-2011, 08:35 PM
"John R. Dennison"
Let's talk about HTTPS Everywhere
On Wed, Jan 19, 2011 at 08:40:40PM +0000, Ned Slider wrote:
>
> You are kidding, right?
No.
> I do my accounts on CentOS - does that make this a suitable venue to
> discuss my tax returns?
Please conflate more.
> The SNR of this list is shocking and encouraging the above doesn't help
> any. This thread is already 10 posts and contains not one single
> relevant (to this list) piece of information.
The OP asked a pretty straight-forward set of questions. Was it
100% germane to this list? No, perhaps not. Was it better than
the spoon-feeding and 110% off-topic noise that is a normal
occurance on this list? Yes.
As the question pertains to, indirectly, on-line privacy and
keeping more clear-text data off the wire I have to say, I'd
rather see this than the other nonsense here. YMMV.
John
--
There are people for whom nothing is more embarrassing than to be caught
not in the know. To arm themselves against embarrassment, they choose
knowingness, which is just ignorance hidden by information.
-- Leon Wieseltier, Washington Diarist: In the Know, The New Republic: Books
& Arts, 16 September 2010
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
01-19-2011, 09:55 PM
Jochen Schulz
Let's talk about HTTPS Everywhere
Eduardo M KALINOWSKI:
>
> However, SSL has the added benefit that no one will be spying on
> your traffic, even if it's basically public information that is
> available via other means.
ACK. And additionally, it becomes harder to distinguish "public" from
"private" communication. Why should anyone want to disclose which is
which? And how do you decide that? How do you know what may be
interesting for an "attacker" in the future?
From my point if view, opportunistic encryption doesn't cost me
anything, but it may help me keep my privacy.
J.
--
My clothes aren't just fashion. They're a lifestyle.
[Agree] [Disagree]
<http://www.slowlydownward.com/NODATA/data_enter2.html>
01-19-2011, 10:25 PM
Tim
Let's talk about HTTPS Everywhere
On Wed, 2011-01-19 at 03:29 -0800, S Mathias wrote:
> 4) If it's so great why isn't it more prevalent?
Are you the same person that's already asked this question about two or
three times on this list in the last couple of months?
The answer's still the same: You can't force the use of HTTPS where the
website isn't designed for it.
Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
01-19-2011, 10:30 PM
MR ZenWiz
Let's talk about HTTPS Everywhere
On Wed, Jan 19, 2011 at 1:27 PM, Steve Flynn <anothermindbomb@gmail.com> wrote:
> On Wed, Jan 19, 2011 at 6:34 PM, MR ZenWiz <mrzenwiz@gmail.com> wrote:
>> On Wed, Jan 19, 2011 at 3:29 AM, S Mathias <smathias1972@yahoo.com> wrote:
>>> Ok. It's a Firefox Add-on:
>>>
>>> https://www.eff.org/https-everywhere
>>>
>> And this has what, exactly, to do with Ubuntu?
>
> Nothing other than it answers some of the OP's questions. By the way,
> your quoting is incorrect/misleading.
>
Would you like to explain that last part? Here's his whole posting,
unedited (except for the three blank lines):
On Wed, Jan 19, 2011 at 3:29 AM, S Mathias <smathias1972@yahoo.com> wrote:
> Ok. It's a Firefox Add-on:
>
> https://www.eff.org/https-everywhere
>
> Questions:
>
> 1) But: Why can't i find it on the offical Firefox Add-ons site?: https://addons.mozilla.org/en-US/firefox/
>
> 2) Did anyone audited the "HTTPS Everywhere" code?
>
> 3) Can someone trust this Add-on? Is it safe to install/use?
>
> 4) If it's so great why isn't it more prevalent?
>
> What's youre opinion? Or answer? :
>
> Thanks!
>
> --
> ubuntu-users mailing list
> ubuntu-users@lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
What, exactly, did I misquote?
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
01-19-2011, 10:36 PM
Mark
Let's talk about HTTPS Everywhere
On Wed, Jan 19, 2011 at 10:42 AM, John R. Dennison <jrd@gerdesas.com> wrote:
> On Wed, Jan 19, 2011 at 10:33:59AM -0800, Mark wrote:
>> Let's talk about CentOS on this list, shall we?
>
> * * * *Presumably the OP is running firefox on CentOS. *So... how it this
> * * * *not about CentOS?
>
If that's true, why does he (always) cross-post every single question
to the Ubuntu users group (and I hear others, but I don't belong to
them)?
This is a fellow who routinely asks extremely general questions that
so strongly resemble first-year student homework questions that I, and
others, have taken the path of not helping him. I'm not here to do
anyone's homework for them.
Also, it has been my experience in the last four years of being on
this list that most people who are genuinely interested in how
something works *on CentOS* include such minimally relevant
information as which CentOS they are running and why the question
belongs here rather than in, say, a Firefox discussion group.
Feel free to poke around in the archives and see if you can find even
one CentOS query from S. Mathias.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
01-19-2011, 10:38 PM
Mark
Let's talk about HTTPS Everywhere
On Wed, Jan 19, 2011 at 1:35 PM, John R. Dennison <jrd@gerdesas.com> wrote:
>
> * * * *The OP asked a pretty straight-forward set of questions. *Was it
> * * * *100% germane to this list? *No, perhaps not.
The problem is that none of his questions is ever 100% germane to the
various lists to which he posts.
More like 10% or less....
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
01-19-2011, 10:39 PM
Mark
Let's talk about HTTPS Everywhere
On Wed, Jan 19, 2011 at 3:38 PM, Mark <mhullrich@gmail.com> wrote:
> On Wed, Jan 19, 2011 at 1:35 PM, John R. Dennison <jrd@gerdesas.com> wrote:
>>
>> * * * *The OP asked a pretty straight-forward set of questions. *Was it
>> * * * *100% germane to this list? *No, perhaps not.
>
> The problem is that none of his questions is ever 100% germane to the
> various lists to which he posts.
>
> More like 10% or less....
>
Also, in re-reading his questions, none of them has anything to do with CentOS.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Let's talk about HTTPS Everywhere
