Re: SSL/TLS everywhere fail

> On 3 Dec 2015, at 17:29, Jacob Appelbaum <jacob@appelbaum.net> wrote:
> 
> On 12/3/15, Mike Belshe <mike@belshe.com> wrote:
>> Absolutely to be expected, but nothing to do with http2.  This was already
>> happening long before http2 or spdy...
> 
> Exactly so - huge surveillance and censorship events are an ongoing problem.
> 
>> These types of event are GREAT for everyone - we're getting visibility into
>> just how invasive our governments want to be.  If we didn't push forward,
>> the world would be living in ignorant bliss.
> 
> Rosa Luxemburg most famously captured this: "Those who do not move, do
> not notice their chains."
> 
> I'm not sure that it is "great" in a sense that I'm familiar with...
> it is a reality check that moves things along in a very honest
> direction. Some technical people were aware and they were fine with
> the status quo. Some as collaborators and some as feeling like this is
> all awful and messy. Now many many more people will be aware, some
> with power to change things and many without. It moves us from a world
> of passive and hidden active attackers to a world where we'll see many
> more active attacks.
> 
> Is it really bad news that we're now seeing this stuff? It has been
> happening for *years* in some countries. Some Oakley groups have been
> blocked wholesale in areas of the world.
> 
>> Go go go http2 and mandatory SSL everywhere.  Next step - eliminate MITM.
> We haven't done that well yet, but it's coming.
> 
> TLS, please. :-)
> 
> All the best,
> Jacob
> 

I could not agree more with Jacob if I tried. Well said.

Received on Thursday, 3 December 2015 17:36:32 UTC