Facebook killed the radio star. And by radio star, I mean the premise of distributed forums around the internet. And that got got by Instagram/SnapChat. And that got got by TikTok. Where the fuck is the internet we once knew?
0 Members and 3 Guests are viewing this topic.
I'd personally do as Joe suggests
You might be right about that, Joe.
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz[17:32:54] * xar sets mode: +o newby[17:32:58] <xar> new rule[17:33:02] <xar> me and newby rule all
Quote from: CrAz3D on June 30, 2008, 10:38:22 amI'd bet that you're currently bloated like a water ballon on a hot summer's day.That analogy doesn't even make sense. Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT.
I'd bet that you're currently bloated like a water ballon on a hot summer's day.
Can't you verify fingerprints... ?Really, SSH seems to be built to prevent this.
Quote from: Newby on September 30, 2008, 03:17:38 pmCan't you verify fingerprints... ?Really, SSH seems to be built to prevent this.If you've received the server's key across a trustworthy medium, then you're almost definitely in the clear. SSH complains loudly if it gets a conflicting key. Otherwise, MITM is still easily possible, I think.
For SSL, there are CAs that verify the authenticity of a third party's public key. However, I don't think there's anything that prevents the ISP from being the MITM in that exchange as well. Am I wrong?
You have the CA's public key stored locally, and you verify the signature when you connect to it. So if somebody is MITMing that, you know. Of course, if the cert was compromised and revoked, odds are you'd never know because nobody checks the revocation lists.
You have the CA's public key stored locally, and you verify the signature when you connect to it. So if somebody is MITMing that, you know.
Quote from: iago on September 30, 2008, 05:05:35 pmYou have the CA's public key stored locally, and you verify the signature when you connect to it. So if somebody is MITMing that, you know. Of course, if the cert was compromised and revoked, odds are you'd never know because nobody checks the revocation lists. Ah, sure. Of course this all assumes you're visiting sites which have certificates signed by a CA. I guess this is usually the case, but I've seen a number of sites of "lesser caliber" that have self-signed certs.
Quote from: Sidoh on September 30, 2008, 05:22:53 pmQuote from: iago on September 30, 2008, 05:05:35 pmYou have the CA's public key stored locally, and you verify the signature when you connect to it. So if somebody is MITMing that, you know. Of course, if the cert was compromised and revoked, odds are you'd never know because nobody checks the revocation lists. Ah, sure. Of course this all assumes you're visiting sites which have certificates signed by a CA. I guess this is usually the case, but I've seen a number of sites of "lesser caliber" that have self-signed certs.Or maybe they are self signed because people don't feel like shelling out $700 to a signing company for a "legitimate" SSL cert. Also, by that logic, VeriSign is a "lesser caliber" site, since it's signed its own cert.
I think this is moot: The FCC forbade Comcast from looking at data to determine how to shape it. They are allowed to shape, but not based on what the data is, only on the quantity.So, if your ISP is shaping, an encrypted tunnel will not help you.