On Thu, 2011-09-15 at 08:32 -0400, Joseph Apuzzo wrote: > A friend of mind turned me on to https://www.google.com aka to have an > encrypted conversation with Google. > I've been using it, since I like as much crypt-o traffic on the net as > possible. > > But why? Anyone have any intelligent toughs on the subject, I would > like to hear your take on the service and what it's good for. > > --
There has been a lot in the tech news lately that SSL has been compromised. Some consider SSL to be worthless. Some consider that the entire e-commerce infrastructure is insecure. SSL depends on a "web of trust". This is implemented via security certificates issued by a certificate authority. Several of these cerificate authorities have been hacked/compromised (DigiNotar, Comodo). The security cerificate for Google in particular has been stolen. I was alerted to this situation via the weekly radio show "PC Radio Show" on station WBAI. A regular participant on that show is David Perry of Trend Micro. This SSL issue was discussed on the August 10 show. (Program archive available at pcradioshow2.org). It was discussed further on more recent shows, but I don't recall which ones. Disclaimer: I'm not knowledgeable in computer security. _______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org http://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) MHVLS Auditorium Oct 5 - Distributed Authentication Systems Nov 2 - Nov 2011 Dec 7 - Chef
