OMG!!
First of all, you'd be mis-educating them if telling them that
certificate "validity" has any real meaning. (But now you're talking
about http.)
Second, why do you think you have any right to put speed bumps in the
way of people who are doing nothing to you?
Third, if your grandmother needs internet "safety" education, just
educate her, or refuse to keep fixing the problems she encounters in her
ignorance - if she really is all that ignorant. I hope you wouldn't
install a browser re-direct without her consent, because then you'd be
just any other malware propagator with just any other self-righteous
rationalization.
Fourth, if /you /need educational "speed bumps" on /your /router, /you
/are free to have them. One of the great things about freedom - from
government or from meddling busybodies - is that /you /get to be free too.
For years my Firefox has had an option to "always use HTTPS", and I'm
sure all other modern browsers do as well. Plus, Mozilla.org has a free
plugin - I think it's from EFF.org - called "HTTPS Everywhere". It's all
very easy to use, and will be almost entirely transparent to Grandma.
On 3/20/2017 3:14 PM, Brien Dieterle wrote:
A system like I described would just be an "educational tool" to
encourage people to use HTTPS (properly). It wouldn't stop you from
accepting bogus certificates-- just a speed bump. Now that I've
thought about it I'd really like to install something like this on my
grandparent's router. . . heck, my own router. . .
On Mon, Mar 20, 2017 at 2:50 PM, Vara La Fey <[email protected]
<mailto:[email protected]>> wrote:
Oh HELL no!! What kind of hall-monitor nanny mentality do you want
people to adopt??
I accept "bogus" certificates all the time because the whole idea
of certificates is crap in the first place - they are NOT
maintained - and years ago I got tired of that procedure warning
me about "invalid" certificates for sites that were perfectly valid.
I've never had a problem. Of course I'm also careful where I go,
certificate or not.
- Vara
On 3/20/2017 2:12 PM, Brien Dieterle wrote:
Maybe every commercial router should do SSL interception by
default. If a user accepts a bogus certificate they are taken to
a page that thoroughly scolds them and informs them about the
huge mistake they made, forces them to read a few slides and take
a quiz on network safety before allowing them on the Internet.
Maybe do the same for non-ssl HTTP traffic, etc.. .
On Mon, Mar 20, 2017 at 1:55 PM, Matt Graham
<[email protected] <mailto:[email protected]>> wrote:
On Mon, Mar 20, 2017 at 12:29 PM, Victor Odhner
<[email protected] <mailto:[email protected]>> wrote:
I’m really annoyed that so many companies offer open
WIFI when it would be
so easy to secure those hot spots. Restaurants,
hotels, and the waiting
rooms of auto dealerships are almost 100% open.
[snip]
On 2017-03-20 13:20, Stephen Partington wrote:
This is usually done as a means to be easy for their
customers.
Pretty much this. Convenience is more valuable than security
in most people's minds.
they’d be happy to do the right thing if we could
explain it to the right people.
I'm not sure this would happen. Setting up passwords and then
distributing those passwords has a non-zero cost and offers
zero visible benefits for most of the people who are using
the wireless networks.[0] And as another poster said, what
about football/baseball stadiums? Distributing passwords to
tens of thousands of people is sort of difficult. "Just
watching the game" is not an option; people want to FaceTweet
pictures of themselves at the game.
OTOH, the last time I looked at the access points visible
from my living room, almost all of them had some sort of
access control enabled. Maybe there's a social convention
forming that "my access point" ~= "my back yard" and "open
access point" ~= "a public park"?
[0] Having a more educated user population would make the
benefits more visible, but it's very difficult to make people
care about these things.
--
Crow202 Blog: http://crow202.org/wordpress
There is no Darkness in Eternity
But only Light too dim for us to see.
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
<mailto:[email protected]>
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
<http://lists.phxlinux.org/mailman/listinfo/plug-discuss>
---------------------------------------------------
PLUG-discuss mailing list [email protected]
<mailto:[email protected]>
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
<http://lists.phxlinux.org/mailman/listinfo/plug-discuss>
--------------------------------------------------- PLUG-discuss
mailing list - [email protected]
<mailto:[email protected]> To subscribe,
unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
<http://lists.phxlinux.org/mailman/listinfo/plug-discuss>
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
