516
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 10 Nov 2023
516 points (98.9% liked)
Technology
59161 readers
2186 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
Great and in 2 -3 years we find out, that someone has actively abused this security hole for years and stole whatever master key is required, to create their own fake government CA and has been spying on everyone for years. Or political opposition was imprisoned before they could act. Best is, such man in the middle attacks allow for all sorts of things, including putting fake evidence on your computer.
Oh yes, no one would ever do that every, totally never happened and won't. Nazis will also never come back. What, they soon are the biggest party in Germany, in other countries too? And will dictate rules in the EU? No one could see that happening...
Where there's honey, there will be bears.
I just hope we can create a browser plugin to deny gov CAs automatically or a browser from outside EU to block that shit. ...until your ISP is forced by law to block traffic from these.
One step closer to a great EU firewall and it sucks. Good old salami tactics. Because at some point it doesn't even matter if there are ways to mitigate this spying, if the alternative are so complicated and uncomfortable to use, that 99,999% of the people won't bother.
Commercial CAs are not that better either
Companies always have a name and money to lose and are a hurdle for overreaching hands. The government has no reputation nor money to lose and a simple agreement opens all doors if it's already government owned. A big difference to me personally.
The government should only ever own things that would fail or be worse, if in public hands. Like infrastructure for instance.
Absolutely don't agree that companies are more trustworthy than governments.
My guess is that you have an awful government in your home country, but not here. And yes that could change, but they are at least voteable.
Companies are NEVER your friend.
Companies are ALWAYS your friend. The government - not so much.
Large companies only care profit. They will hand over your privacy/security in a blank of an eye if to not do so costs them. Snowdon showed companies hand stuff to governments. I doubt it's changed. They are heart money machines remember.
Least governments are in theory democratically accountable. Having to trust someone at all is really a problem with CAs. Maybe you want different CAs you can choose from. I'd trust one from nonprofit FOSS groups like Debian more than big tech or governments to be honest.
Please tell me how Philip Morris and other big tobacco is my friend.
https://www.cbsnews.com/news/big-tobacco-kept-cancer-risk-in-cigarettes-secret-study/
Doesn't work.
Government too have name, money and people to loose.
Ok, in some sense they do not have money, but they definetly have reputation.