Quoting Seth Russell (2013-09-26 05:19:20) > I'm not a security expert,� but this is a bit troubling.� Granted you > can hide your web transmissions for unsophisticated prying eyes ... > and even cause the little lock to appear ... and do it pretty much > free now.� That does sound like a good thing ... and believe me after > paying the little big bucks to buy a real certificate commercially > every year it sounds really great indeed.� But what troubled me is the > certificate ended up telling me that i was visiting some unknown place > (Organization� <Not Part Of Certificate>).��� Does this way of > certifying actually certify anything to a information consumer? Yes, it does certify this: Spying on this particular web session of yours require either a) very powerful tools, or b) direct access to your host or the host at the other end, or c) some interception of just a single one of the huge pile of certifiers installed in your system as trusted ones. In short, you have (quite likely) limited surveillance to those with big pockets (and helped skew the statistics for the next NSA budget meeting to tell that cybercrime is rising - because only criminals have something to hide, right?). - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
Received on Thursday, 26 September 2013 08:32:27 UTC