[liberationtech] Defeating massive wiretapping with opportunistic, unauthenticated encryption in HTTP ?
Guido Witmond
guido at witmond.nl
Mon Oct 28 14:25:27 PDT 2013
On 10/28/13 21:51, Fabio Pietrosanti (naif) wrote:
> Il 10/28/13 3:14 PM, Guido Witmond ha scritto:
>> I know that this kind of argument attract crypto-trolling ("Javascript encryption" and
> "Unauthenticated encryption" and "Opportunistic encryption") but i think
> that it's worth discussing because it could be a revolutionary approach
> to challenge massive wiretapping. What does various people think about
> this approach?
>>
>> One question: How does the javascript get to the browser without any
>> interference from intermediate parties?
> No protection against active attacks.
>
> The purpose is to defeat massive wiretapping that's a passive.
>
> Active attacks are mostly for targetted attacks, so outside the scope.
Playing devils' advocate: I believe we need to protect everyone, not
just the Persons of NO Interest to the Powers that Be.
It may not be the NSA that's interested in me or my neighbour, but we
have a little money that some criminal might find tempting.
Guido.
If you think you have nothing to hide, your life is too boring. :-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20131028/9c01cd26/attachment-0001.sig>
More information about the cypherpunks
mailing list