[HTTPS-Everywhere] HTTPS Everywhere makes interception easier.
ANDY
sirald66 at gmail.com
Fri Dec 5 08:00:28 PST 2014
A CDN could be looked at as a site's "very distributed" data center. At
what point in a service's design does our traffic become clear-text and
therefore vulnerable? At the CDN? Server? Process/bus? Internal
network? Databases? 3rd-party outsourcing? Humans? AI?
Unless we have protocols that control all that as well, policies and intent
aside, we trust the site at some point to manage the data securely -- we
know that our government has been twisting the screws (the public's fault
for not electing less corrupt leaders).
I think John's goal was to throw HTTPS Everywhere under the bus for his own
promotion. Making points at the expense of positive efforts. Pissing in
the coffee.
On Fri, Dec 5, 2014 at 5:44 AM, Maxim Nazarenko <nz.phone at mail.ru> wrote:
> Hello,
>
> I am no security expert, but I fail to see to how encrypting traffic
> between one's browser and CDN servers could possible decrease
> security.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/https-everywhere/attachments/20141205/8549337c/attachment.html>
More information about the HTTPS-Everywhere
mailing list