Hacker News new | ask | show | jobs
by ForEnglandJames 3990 days ago
>Who would co-operate?

Who can resist a sufficiently determined state that still enjoys popular support? All he has to do is engineer the support for "security" over the long term.

Don't misunderestimate your fellow voters.
1 comments
mike-cardwell 3990 days ago
When resistance is so damn easy, and capitulation so self-destructive, who would co-operate? You could not force a Linux distro or Mozilla to distribute that cert. It could not be done.

[edit] https works based on trust. We trust the browsers and OS vendors to at least try to prevent the CAs from abusing their power. As soon as it becomes obvious that the OS and browser vendors are now letting state actors compromise all traffic, then https is dead in the water and something else will come along. Nobody is going to risk that happening. It would cost too many rich people too much money.

link
ForEnglandJames 3990 days ago
That's very well thought-out. The tinfoiler in me wonders if that's true, though, and if there aren't subtler avenues for circumvention that still target this trust-based system, especially via social engineering.

I had little interest in security before Snowden, so admittedly, I need to lurk moar and keep learning. Thanks for offering another argument I can try to fit against new facts I encounter and helping me continue that process.

link