On 12/11/16, xnoreq <xno...@gmail.com> wrote: > What horror are you talking about? People rejoice that "strong" encryption > is finally gaining widespread adoption for the benefit of everyone.
I don't care what people rejoice while my browsing experience gets shittier and shittier. They seem not to experience my problems. Look for example at those Grey on Grey fonts that max out all your cpu cores while they wobble up and down and you're supposed to figure out how to right-swipe with a trackpoint. Look at those auto-playing videos, disturbing your concentration and enjoyment of anything, they themselves completely uninteresting, but still prefixed with a horrible loud advertisement of some product nobody needs. And most of all, I don't need encryption on the http layer for 99% of my tasks. They force it down my throat, in the least acceptable way. Meanwhile they didn't even manage to make a real transparent, authenticated and encrypted session layer for the web: Cookies are transferred inband http, encryption a layer below, authentication on two different layers at the same time, one in-band (some horribly broken javascript that complains when your password is too long, sending json-rpcs to the horribly overloaded node.js server) and another one a layer below together with the encryption, but also requiring me to load hundreds of broken x.509 certificates and to trust everyone and their dog even if all I wanted to access was my OWN web platform (probably the only thing where i might care about the level of security anyway). Eavesdroppers commonly would sit inside the local network, or even just sniff on the public wifi, for that i have an encrypted tunnel that works just fine. Why should I be less worried now whether my ISP or some transit can read my data? My browser already trusts their certificates anyway. Browsers actively prevent self-signed certificates by treating them *worse* than sites with no encryption at all. And you're saying it's ME who is against encryption? What other effects does all this horror have? Well, for example I can't update my web site passwords automatically, because every website requires a different dance (and specific cipher sets, browser and javascript versions, and possibly webgl and what have you for the captcha). I can't login, at all. i can't block unsafe javascripts centrally, regardless of used browser or device (Opera does this really nicely, but most other devices and browsers don't do it at all, at least out of the box). I can't have any *meaningful* level of security, so I won't use my browser for really important things anyway. Oh, and did anybody say semantic web? Clearly we need more human-unreadable content, right? Captchas and javascript are too easy. I could fix a selected number of frequently visited, important broken web-sites on-the-fly by proxying them through my scripts, so that I can remove CSS, javascript, other distracting crap, thus I could use them without pain on any device and without specific SSL cipher requirements. > Opera 9? Why would you use this old, outdated and vulnerable piece of junk > to browse the www? It's not outdated if you leave away the horrible vulnerable piece of junk that is javascript. I have even CSS disabled on most websites. And it's getting more and more rewarding (as long as it works without ssl) as websites get less and less usable on modern web browsers anyway. > And why do you need to introduce an extra layer of caching anyway? Is Opera > 9 unable to cache content? Opera itself does caching just fine, probably the closest to polipo that i've encountered yet. I'm sometimes on slow 64kbit/s uplink while there are more than 1 users and devices. Also, polipo gives more detailed control about the caching. I can save a lot of traffic with polipo. Also, I can pre-load common websites I frequent into the cache during night hours. You can do that with wget for example. I just don't want polipo to die. The web era has only really started now. ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today.http://sdm.link/xeonphi _______________________________________________ Polipo-users mailing list Polipo-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/polipo-users
