W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: How HTTP 2.0 mandatory security will actually reduce my personal security

From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
Date: Fri, 15 Nov 2013 07:26:48 +0100
Message-ID: <a37013b3655da004948b064f5ebde82e.squirrel@arekh.dyndns.org>
To: "Roberto Peon" <grmocg@gmail.com>
Cc: "Bruce Perens" <bruce@perens.com>, "HTTP Working Group" <ietf-http-wg@w3.org>

Le Ven 15 novembre 2013 06:38, Roberto Peon a écrit :

> Sure, there is most definitely a tradeoff between ensuring privacy across
> the open net and being able to look into all streams.
> What I don't see, however, is how you will ever have enough time to
> understand all of the interactions which are ongoing on your network--
> steganography is just too easy, even for plaintext.

You assume all attacks are the work or elite hackers here to get you.

The mundane truth is most attacks are the result of developer shortcuts
put there for convenience without thinking about the side-effects or user
privacy. They are usually not hidden in any way, all you have to do is
look (assuming the protocol does no cloak them by default).

-- 
Nicolas Mailhot
Received on Friday, 15 November 2013 06:27:47 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC