Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Firefox Electronic Frontier Foundation Handhelds Security IT

With HTTPS Everywhere, Is Firefox Now the Most Secure Mobile Browser? 279

Peter Eckersley writes "Over at EFF, we just released a version of our HTTPS Everywhere extension for Firefox for Android. HTTPS Everywhere upgrades your insecure web requests to HTTPS on many thousands of sites, and this means that Firefox on Android with HTTPS Everywhere is now by far the most secure browser against dragnet surveillance attacks like those performed by the NSA, GCHQ, and other intelligence agencies. Android users should install the Firefox app and then add HTTPS Everywhere to it. iPhone and iPad users will unfortunately have to switch to Android to get this level of security because Apple has locked Mozilla Firefox out of their platforms."
This discussion has been archived. No new comments can be posted.

With HTTPS Everywhere, Is Firefox Now the Most Secure Mobile Browser?

Comments Filter:
  • HTTPS is secure? (Score:5, Informative)

    by Anonymous Coward on Wednesday February 05, 2014 @12:21AM (#46159245)

    http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security

    • by gmuslera ( 3436 )
      HTTPS is not a guarantee, but is a good first start. They may not have your certificate (yet), and if the remote server uses forward secrecy getting it later won't decrypt your past communications. And the people wanting to know (or intercept/fake/whatever) your communication don't end in NSA/GCHQ/similars.
    • Re:HTTPS is secure? (Score:5, Informative)

      by AmiMoJo ( 196126 ) * on Wednesday February 05, 2014 @07:21AM (#46161037) Homepage Journal

      It's not secure if they target you, but it massively increases the cost of monitoring you. Rather than just passively hoovering everything up they have to actually attack. If everyone does it their job gets hardware and more costly.

  • comment spam on an article about how something is so secure.

  • by somenickname ( 1270442 ) on Wednesday February 05, 2014 @12:40AM (#46159395)

    I will admit that I was skeptical that a piece of software could cure my cancer, bring back my wife and prevent me from beating my daughter but, based on dozens of posts on Slashdot, I'm willing to give it a try.

  • by fuzzyfuzzyfungus ( 1223518 ) on Wednesday February 05, 2014 @12:47AM (#46159431) Journal
    'Secure' isn't really something where you can just boil it into a number between 1 and 100 and call it a day. If you are worried about attackers sniffing the wire, a plugin that enforces SSL use is a major advantage. If you are worried about being hit with a zero day by the guy on the other end of the wire, it's entirely irrelevant.
    • by Anonymous Coward on Wednesday February 05, 2014 @01:05AM (#46159509)

      Secure = 100;
      itaday();

    • Yes, secure connections are pretty useless if you are being tracked all the time anyway.

    • by somenickname ( 1270442 ) on Wednesday February 05, 2014 @02:34AM (#46159907)

      I loathe to say this but, HTTPS Everywhere is security theater. It makes your browser have a green icon where it otherwise might not but, that green icon is just an illusion of security. Considering recent revelations about the NSA, I would assume all SSL certificates are compromised. Like, literally, all of them. If the trust chain has been compromised by one party (the NSA), I would assume it compromised by all parties.

      • by kasperd ( 592156 ) on Wednesday February 05, 2014 @06:13AM (#46160799) Homepage Journal

        I would assume all SSL certificates are compromised. Like, literally, all of them.

        No amount of snooping on the network would compromise a private key, which never leaves the server in the first place. Thus the only way you could possibly compromise the certificate, would be if you put an invalid public key in the certificate in the first place. Since that would be immediately obvious to any server owner paying enough attention, it is safe to assume that compromising all certificates cannot be done without being detected. If they literally compromised all of them, it would only take one single security aware server administrator to notice it.

        This is why we should focus much more on protocols that are secure against passive attacks, but not against active attacks. Systematic passive attacks can be pulled off without detection. Systematic active attacks cannot. Protection against active attacks is much harder and is the reason we have the CA system. It is not that protecting against active attacks is a bad idea, it is just that it is so hard that much communication isn't protected. Opportunistic encryption with security against active attacks could be done without needing certificates. If on top of that you do perform certificate validation on the most critical sites after you have established a connection with only the opportunistic protection, then you do get protection against active attacks. In order for this to make sense, it is important that until you do perform an active attack, you cannot know if the connection has been secured against active attacks.

        Both types of connections will benefit by being indistinguishable from the other to a passive adversary.

        The connections with only passive security benefits because it is now easier to do encryption, and moreover being indistinguishable from the minority of connections with active security protects you from systematic active attacks. This is because systematic attacks are bound to hit protected connections once in a while, so they cannot go undetected.

        The connections with the full active security also benefits because they are now attracting less attention. They will be a minor fraction of a much larger amount of encrypted connections. A passive adversary cannot know which of the connections have active security and are likely to contain the juicy stuff.

      • by AmiMoJo ( 196126 ) * on Wednesday February 05, 2014 @07:37AM (#46161133) Homepage Journal

        Even if all certificates are compromised they are still worth using. Instead of passively collecting all that data the NSA/GCHQ has to perform a man-in-the-middle attack using a server that is geographically closer to you than the one they are spoofing. It costs them more time and money, limits their ability to spy on everyone all the time and requires them to maintain those servers. MITM attacks can be detected too, and in fact Chrome has made some progress on that with pinned certificates. I think there is a Firefox plugin that does something similar.

        There are real and measurable benefits to using HTTPS, it's not just theatre.

        • Even if all certificates are compromised they are still worth using. Instead of passively collecting all that data the NSA/GCHQ has to perform a man-in-the-middle attack using a server that is geographically closer to you than the one they are spoofing. It costs them more time and money,

          And whose money is that? Oh, it comes from the poor and the middle class, who actually pay taxes.

          • by AmiMoJo ( 196126 ) *

            So what you are saying is that we just give up our rights and freedoms in order to pay a bit less tax. Well, no.

            Anyway, the cost will be made astronomical, so putting up taxes wouldn't help. They will simply have to stop mass collection of data once everything uses encryption.

      • by jafiwam ( 310805 ) on Wednesday February 05, 2014 @08:37AM (#46161541) Homepage Journal

        I loathe to say this but, HTTPS Everywhere is security theater. It makes your browser have a green icon where it otherwise might not but, that green icon is just an illusion of security. Considering recent revelations about the NSA, I would assume all SSL certificates are compromised. Like, literally, all of them. If the trust chain has been compromised by one party (the NSA), I would assume it compromised by all parties.

        While this is true, chances are SLL Certificates still work well enough to keep the other nerd at the coffee shop from stealing your WoW forum account credentials.

        No single person, ever, anywhere, has been able to single handedly defend themselves from the government of the place they reside. If the Government wants the account, they'll get it through twisting laws and sending the cops, not by snooping on it.

        SSL protects against run of the mill crime. And, it does that well.

  • by hipsterdufus ( 42989 ) on Wednesday February 05, 2014 @01:11AM (#46159535)

    The NSA likely has keys from all the major SSL cert vendors, rendering this "spamvertisement" moot. HTTPS does not mean that you're secure from everybody. It means you've added a layer of security that will thwart MOST prying eyes, but those that really want to know what you're doing WILL know what you're doing.

    What a silly thing to appear on slashdot.

    • by Jane Q. Public ( 1010737 ) on Wednesday February 05, 2014 @02:33AM (#46159901)

      "What a silly thing to appear on slashdot."

      Why is it silly? It still means that most people will be more secure, most of the time.

    • by dvdkhlng ( 1803364 ) on Wednesday February 05, 2014 @04:26AM (#46160351)

      The NSA likely has keys from all the major SSL cert vendors, rendering this "spamvertisement" moot. HTTPS does not mean that you're secure from everybody. It means you've added a layer of security that will thwart MOST prying eyes, but those that really want to know what you're doing WILL know what you're doing.

      Having the keys from multiple SSL cert vendors does not help a bit (and having the keys from many vendors isn't much better than having the keys of a single vendor). It does NOT magically allow you to decrypt SSL traffic from servers whose host key was signed against that cert vendor's certificate!

      To decrypt traffic of multiple SSL websites requires you to obtain the private part of the SSL host keys from all the web-servers themselves. Note that web server host keys are signed via signing requests that do not contain a copy of the private key, so even when the cert vendors (CAs) are hacked, you cannot directly listen in on SSL communication. When the servers implement Perfect Forward Secrecy [wikipedia.org], then even obtaining a copy of the server's host key won't help as each connection uses a temporary key that's exchanged via Diffie Hellman Key Exchange [wikipedia.org], a method that generates a key shared between two hosts, that (somewhat counter-intuitively) cannot be deduced by sniffing the traffic between those two participants.

      What you can still do is to set up a MITM attack [wikipedia.org]: you set up your own intermediate server with its own host key and sign your host key(s) using one of the SSL vendor's certs that you obtained. Then you redirect all traffic to the servers that interest you via your server (i.e. proxying all SSL connections) and then obviously in the process you obtain the cleartext of all SSL sessions running via your server.

      However, the MITM attack is much more difficult to deploy and scale than simple monitoring and recording IP data. Also skilled users will easily detect the MITM attack, as the host key's public part of the servers in question will suddenly change. There are firefox extensions to check for these signs of a MITM. Even SSL Everywhere has a checker built in (via the SSL Observatory). Or try Certificate Patrol [mozilla.org].

      • by jafiwam ( 310805 )
        You are assuming your software doesn't send the private key somewhere when you aren't looking.
    • All this allows you to do is create a MITM attack which won't be detected by your browser. However another plugin like Perspectives will compare the SSL cert you were served with notarys from several other sources. Since it's incredibly difficult to MITM a system in a way that the same middleman is presented to everyone it creates yet another layer of protection.

      Is it perfect? No. But sure beats the security of ASCII based traffic we're spewing everywhere right now.

    • by Mathieu Lu ( 69 )

      nonsense.. that's a blanket statement that doesn't mean anything, implying that we should only consider absolutely secure solutions that will protect against all attacks. There is no one size fits all. Adding a layer of security that "will thwart MOST prying eyes" is well worth it, just don't expect it to be bullet proof and understand how it works, what it protects from.

      If I recall correctly one of the initial aims of "https everywhere" was to protect people using public wifi. Hijacking FB accounts on publ

    • What a silly thing to appear on slashdot.

      What a silly thing to say! Most of the time, it's not the NSA I'm worried about, it's the ISP or the creeper next to me on the open wifi network. Most people don't have an ipsec tunnel to their home network for secure wifi access, so this isn't a bad thing at all.

      Issues with CA's and the NSA are real, but don't get huffy-puffy about a practical addon being brought up on /.

  • by marienf ( 140573 ) on Wednesday February 05, 2014 @01:17AM (#46159573)

    > this means that Firefox on Android with HTTPS Everywhere is now by far the most secure browser
    > against dragnet surveillance attacks like those performed by the NSA, GCHQ, and other intelligence agencies.

    While I certainly think it is a good idea to encrypt traffic, this statement is highly misleading or naive: Since the CA
    system is *flawd by design* and every one of those "authorities" in the long list of built-in CA inside
    your browser can, by negligence or choice, supply any of these and other agencies with a valid certificate for
    *any hostname in the world*, initiatives like these protect your privacy only from your local sysadmin/ISP, and also
    do nothing against traffic analysis.

    Should a US person/company trust that "China Internet Network Information Center" isn't going to create a cert for a
    US bank or company to perform a MITM attach with? Should a Chinese company trust "Wells Fargo" not to?
    Should the Greeks trust "TÜRKTRUST Bilgi letiim ve Biliim Güvenlii Hizmetleri A.. (c) Aralk 2007", or the
    Turks "Hellenic Academic and Research Institutions Cert. Authority"? What on earth makes you think ALL of these
    companies can resists pressures to misbehave? Yet all of them are built-in to your browser and "you" trust them.

    Just go to any (Cloudflare, Akamai..)-accelerated site using https and check out the certificate used to see how that works:
    They are issued certificates for the customer domains they accelerate, and hence have access to all the traffic.
    In essence, they do exactly what a man-in-the-middle attack would do, except on a much grander scale (and with the collusion
    of the actual domain holders). The agencies can carry out such attacks from within the ISP's, and your browser would still show "green".

    The Cert validation in the browsers leads to a *dangerous false sense of security* at most. This is crypto, a weakest-link business
    if ever there was one, folks. It's not ALL, or SOME that need to fail in order for PKI to fail, it's ANY of them.

    Surely, we can do better than that: We should get rid of all centralised security illusions. Why aren't we signing contents using our PGP
    keys that at least make multiple signers possible and habitual, and, and this is the essential difference, IMHO: That *you* have made a
    conscious decision to trust or mistrust, to a certain degree, by reviewing a web of trust, as in informed consent as opposed to blind paternalism
    of massivly built-in, pretrusted certificates by distant companies you really have no clue about.

    WKR,
    -f

    • by dvdkhlng ( 1803364 ) on Wednesday February 05, 2014 @04:06AM (#46160289)

      > this means that Firefox on Android with HTTPS Everywhere is now by far the most secure browser > against dragnet surveillance attacks like those performed by the NSA, GCHQ, and other intelligence agencies.

      While I certainly think it is a good idea to encrypt traffic, this statement is highly misleading or naive: Since the CA system is *flawd by design* and every one of those "authorities" in the long list of built-in CA inside your browser can, by negligence or choice, supply any of these and other agencies with a valid certificate for *any hostname in the world*, initiatives like these protect your privacy only from your local sysadmin/ISP, and also do nothing against traffic analysis.

      Should a US person/company trust that "China Internet Network Information Center" isn't going to create a cert for a US bank or company to perform a MITM attach with? Should a Chinese company trust "Wells Fargo" not to? Should the Greeks trust "TÜRKTRUST Bilgi letiim ve Biliim Güvenlii Hizmetleri A.. (c) Aralk 2007", or the Turks "Hellenic Academic and Research Institutions Cert. Authority"? What on earth makes you think ALL of these companies can resists pressures to misbehave? Yet all of them are built-in to your browser and "you" trust them.

      [..]

      The Cert validation in the browsers leads to a *dangerous false sense of security* at most. This is crypto, a weakest-link business [..]

      You suggest that MITM attacks on SSL are as bad as someone sniffing on unencrypted traffic. It is not! MITM attacks are active attacks and are much more invasive to carry out. That's not all: in principle all these MITM attacks can be detected: the host key of the Man In The Middle will differ from the host key of the original server (though your browser will accept the differing host key when it is signed by a rogue CA).

      It is pretty dangerous for an adversary to carry out MITM attacks on a large scale, as sooner or later, this is going to be detected. The SSL Everywhere extension for example can (optionally) collect information for and check with the SSL Observatory [eff.org] to detect differing certificates that indicate MITM attacks.

      There's also the Certificate Patrol [mozilla.org] Firefox Extension that persistently remembers certificates and warns when certificates changed for no apparent reason.

      • You suggest that MITM attacks on SSL are as bad as someone sniffing on unencrypted traffic. It is not! MITM attacks are active attacks and are much more invasive to carry out.

        Is "false security" better or worse than "no security"? I don't think there's a simple one-size-fits-all answer to that - it depends on the type of threat and who the target is. If the bad guys want to snoop on an individual over a period of time, then traffic sniffing probably is easier. If its an organised gang going after money then MITMing a major ecommerce or banking site might be far more effective - and only needs to be in place for an hour or two to collect enough paydirt.

        Anyway, the headline was "

        • Re: (Score:3, Insightful)

          by dvdkhlng ( 1803364 )

          You suggest that MITM attacks on SSL are as bad as someone sniffing on unencrypted traffic. It is not! MITM attacks are active attacks and are much more invasive to carry out.

          Is "false security" better or worse than "no security"?

          I really don't understand why everybody tries to reduce these encryption problems on the "false security" vs. "no security" dichotomy. No this is not about false security. This is about security against undetectable passive attackers vs. detectable active attackers. The amount of data a detectable active attacker is able to collect about my person are many orders of magnitude smaller than the amount of data a passive attacker is able to obtain. The active attacker will also only be able to obtain data f

    • by Monoman ( 8745 )

      So what are you proposing instead?

      I think the whole point of HTTPS Everywhere is that using it is better than not using it. Some say the improvement is marginal at best. Some say it isn't an improvement at all. What none of the naysayers are saying is how they are doing it better.

      As security increases, convenience decreases.

    • Why aren't we signing contents using our PGP
      keys that at least make multiple signers possible and habitual, and, and this is the essential difference, IMHO: That *you* have made a
      conscious decision to trust or mistrust, to a certain degree, by reviewing a web of trust, as in informed consent as opposed to blind paternalism
      of massivly built-in, pretrusted certificates by distant companies you really have no clue about.

      I just had this nightmare of facebook offering to spread pgp keys between facebook 'friends'

      Small scale key exchange works but can it really work to communicate on the scale that we use every day? Commercial sites, for example, with all the individual users that connect to them?

    • Why do you say the CA system is flawed by design? Do you mean that some agency deliberately introduced the flaws? Or do you just mean that the design is flawed?
    • The proper way would imho to accept all certificates (no need for those extortion fees, and it allows people to use self-signed certificates), and warn when a certificate changes and the new one is not signed with the original certificate. That's a sign that a MITM has been deployed since you first contacted the site. Even if they successfully get a "trusted" certificate in the name of the site they pretend to be.

      When a MITM is active already on a site on your first visit, you're out of luck. Not much one c

  • Misleading much... (Score:3, Insightful)

    by raist21 ( 68156 ) on Wednesday February 05, 2014 @01:27AM (#46159621)

    So what's with the uber pro-Firefox and Android spiel?

    According to the web-site you can get the plug-in for Chrome as well. Albeit beta, but still.
    And if that's the case, you can just install Chrome on your Apple device, it's in the itunes store, and install the plugin for it instead.

    • Maybe they wanted to start a fanboi flamewar on a tech site for more Ad revenue?

    • by BZ ( 40346 )

      Assuming the extension works on Chrome on iOS. Which it may not, since that uses a fairly different architecture and rendering engine from Chrome on other platforms...

    • "And if that's the case, you can just install Chrome on your Apple device, it's in the itunes store, and install the plugin for it instead."

      You're missing part of the point. Chrome is intimately intertwined with other Google services, and in fact it's pretty damned hard to keep it separate from those services.

      Government is not the only entity that snoops. And Firefox is the only major browser that doesn't belong to big snoopy corporate interests. (Although Apple SAYS that it doesn't snoop. And lots of people believe them. Certainly it doesn't snoop anything like Google does.)

    • Albeit beta, but still.

      Well duh, it's a Google product. Er, a plugin for a Google product. Whatever.

  • by Greyfox ( 87712 ) on Wednesday February 05, 2014 @01:45AM (#46159709) Homepage Journal
    Use iptables to block outgoing requests to any port 80. Then decertify all the certs you don't trust (all of them.) Congratulations! Your web browsing experience is now secure!
  • This is a strong move by the EFF and Mozilla.

    wtf is Apple going to do? promise they will offer the same protection?

    I hate that Firefox can't get on the Apple App Store, and I like Apple products. But this...this is bullshit.

    Will Apple somehow integrate a similar HTTPS into Safari?

    • seriously if they were trying to troll in order to stifle discussion about this topic, that mycleanPC thing kinda worked...

      reminds me of APK...

      maybe this is a level 2 deployment of the APK chatbot AI

  • by SuperDre ( 982372 ) on Wednesday February 05, 2014 @02:07AM (#46159791) Homepage
    For this to work, the site must support https, and a lot of sites don't...
    • by gmuslera ( 3436 )
      For this to work, the site must have the same content using https. It already checks that the site have an https version to try to use that protocol, the problem happens if the https version is a blank page or have different content.
  • With HTTPS Everywhere, Is Firefox Now the Most Secure Mobile Browser?

    You obviously think it is, so why did you phrase that as a question?

  • Supporting https everywhere is *not* a sufficient single reason to be called "the most secure browser".

    Monocausal interpretations of security are the worst enemy of security.

    • by fatphil ( 181876 )
      I'm pretty much sure I entirely agree with you, but I've not heard the term "monocausal" used in this context - do you mean something like "(claiming to be a) silver bullet"?
  • by bogd ( 912084 ) on Wednesday February 05, 2014 @03:30AM (#46160169)

    So basically all this does is to force HTTPS requests instead of HTTP? (took me a while to find out - gotta love the fact that the "clever technology" link on their site, instead of going to a description of the actual technology, goes to... xkcd?! :) )

    I see a few problems with this approach:
    1)Not all content is provided over both HTTP and HTTPS. For multiple reasons, one being performance. Which leads us to the second problem...
    2)A HTTPS session incurs a significant overhead for encryption. Which may be no problem for someone like Google. But for someone hosting his/her own (moderately successful) website on a small server, it might just overload said server.
    3)Quite possibly the biggest problem with HTTPS is the fact that users have been trained over many years to just click "accept/install certificate" on self-signed certs. Not knowing that if you do this you are no longer secure.

    And the more we keep forcing HTTPS, the more webmasters will use self-signed certs. Not many people want to go through the hassle of obtaining (and maintaining!) a valid SSL certificate for every single website they run, even if that cert is free. Which will only exacerbate the problem...

    • I see a few problems with this approach: 1)Not all content is provided over both HTTP and HTTPS. For multiple reasons, one being performance. Which leads us to the second problem... 2)A HTTPS session incurs a significant overhead for encryption. Which may be no problem for someone like Google. But for someone hosting his/her own (moderately successful) website on a small server, it might just overload said server. 3)Quite possibly the biggest problem with HTTPS is the fact that users have been trained over many years to just click "accept/install certificate" on self-signed certs. Not knowing that if you do this you are no longer secure. And the more we keep forcing HTTPS, the more webmasters will use self-signed certs. Not many people want to go through the hassle of obtaining (and maintaining!) a valid SSL certificate for every single website they run, even if that cert is free. Which will only exacerbate the problem...

      True, although the effect of #2 is generally pretty low, and because there's the potential for SPDY to pipeline everything over 1 HTTPS connection, total server load caused by each visitor can actually be lower, depending on the web server.

      That said, biggest issues as I see them are:

      1) HTTPS still has the extra overhead of establishing an SSL connection, which makes total page load time longer. The aforementioned SPDY can help compensate for this, but the pipelining of SPDY has the most benefit on sites tha

    • by heypete ( 60671 ) <pete@heypete.com> on Wednesday February 05, 2014 @04:59AM (#46160495) Homepage

      I see a few problems with this approach:

      1)Not all content is provided over both HTTP and HTTPS. For multiple reasons, one being performance. Which leads us to the second problem...

      True, which is why HTTPS Everywhere only enables HTTPS on sites that support it (they are specifically whitelisted by the extension devs).

      2)A HTTPS session incurs a significant overhead for encryption. Which may be no problem for someone like Google. But for someone hosting his/her own (moderately successful) website on a small server, it might just overload said server.

      While HTTPS does incur some overhead, it's surprisingly small for modern servers. Google, for example, was able to add SSL/TLS to all Gmail connections with no new hardware, no additional servers, and SSL/TLS accounts for only about 1% of their CPU time (see here [imperialviolet.org] for details).

      Pretty much any server will reach other bottlenecks before the slight overhead of SSL/TLS becomes an issue. Using Perfect Forward Secrecy is important for security and using DHE-based ciphers do incur a moderate overhead compared to non-DHE ciphers (a factor of about 3). Using ECDHE instead makes the increase in overhead only about 15% rather than 300%. See here [bernat.im] for details.

      3)Quite possibly the biggest problem with HTTPS is the fact that users have been trained over many years to just click "accept/install certificate" on self-signed certs. Not knowing that if you do this you are no longer secure.

      And the more we keep forcing HTTPS, the more webmasters will use self-signed certs. Not many people want to go through the hassle of obtaining (and maintaining!) a valid SSL certificate for every single website they run, even if that cert is free. Which will only exacerbate the problem...

      [citation needed] Getting a domain-validated SSL cert from publicly-available CAs is the work of a few minutes and, as you point out, often available for free or very low cost. Many hosts will automate the generation of a private key and CSR, making the process one of copy-paste for the customer. Other hosts handle the entire process of generating a private key, getting it signed by a CA, and configuring things correctly.

      Sure, some sites use self-signed certs, but these are usually for personal or internal corporate purposes and not for the general public. The scary warnings in browsers aren't likely to go away anytime soon, so I doubt that any webmaster of a website meant for public use is going to be using self-signed certs (other than those catering to specific, tech-savvy audiences).

      • The scary warnings in browsers aren't likely to go away anytime soon, so I doubt that any webmaster of a website meant for public use is going to be using self-signed certs (other than those catering to specific, tech-savvy audiences).

        Tech-savvy audiences are ok with self-signed certs?

        • by heypete ( 60671 )

          The scary warnings in browsers aren't likely to go away anytime soon, so I doubt that any webmaster of a website meant for public use is going to be using self-signed certs (other than those catering to specific, tech-savvy audiences).

          Tech-savvy audiences are ok with self-signed certs?

          Some, sure.

          Note how I used "specific". That word was used for a reason.

          There may be, for example, a community of crypto-savvy users who would rather not rely on a third-party CA to authenticate their certs. A site administrator could issue a self-signed certificate for the community site and post the PGP-signed details (e.g. fingerprint, key length, etc.) of the certificate so that members could verify its authenticity.

          Other sites, like the anti-spam DNSBL named SORBS, use certs issued by their own internal

          • Sounds reasonable - I thought you meant you were expecting tech-savvy users to ignore browser warnings.

      • Getting a domain-validated SSL cert from publicly-available CAs is the work of a few minutes and, as you point out, often available for free or very low cost.

        That is true, however.

        1: until internet explorer on windows XP and the default browser on android 2.x die out we can only use one cert per IP. So we are stuck with either managing seperate IPs for each hostname or paying significantly more to have multiple names on one cert.;
        2: you have to go through the certificate dance again every year or two. If you don't then your users start getting warnings.

  • is this publicity stunt a sign of some trouble at firefox? otherwise they should be smarter than making stupid claims like this, right?
  • by smash ( 1351 )
    where is the HTTPS terminated and who holds the keys?
  • Just want to say thank you

  • by crow ( 16139 ) on Wednesday February 05, 2014 @09:58AM (#46162205) Homepage Journal

    This doesn't work with Slashdot. At least if you put in a https, it redirects, so they have it set up; they just don't use it. You would think that a technology site would be up on current technology.

  • by QuietLagoon ( 813062 ) on Wednesday February 05, 2014 @09:59AM (#46162209)
    ... that HTTPS is itself secure.

    .
    It is not.

  • Betteridges Law of Headlines finally proven wrong?

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...