4 posts • joined 26 Aug 2011
Re: Why can't they use their own, internal certificates?
Sure they can use their own, Internal certificates. But, regardless of the arguments about data protection / snooping whatever: issuing a certificate in the name of Google when you have no authority to do so is plain fraud.
Verified by: your boss.
It's a joke, and a lie.
What's worrying here is that it wasn't internal certificates, it was much worse. It was a certificate vendor who's certificates are trusted by the majority of browsers worldwide.
Re: DL0: 167300 g (Air traffic control)
UK Air traffic control retired their (last) PDP11 in 2006. It is on display at the National Museum of Computing at Bletchly Park.
Crypto wouldn't have helped
Alice has her e-mail client set up to send encrypted messages to Bob, and Stoke city council. She writes a message to Stoke City council, but sends it to Bob by mistake.
So her mail client, being clever, encrypts it for Bob. So, Bob can decrypt it (because Bob is allowed to decrypt mail that's been encrypted for him right?), and sees a confidential message that should have been sent to Stoke.
To put this in the context of PGP encryption. Alice would have a public key for Bob and a public key for Stoke. If she sends a message to Bob using, say, Thunderbird, then Thunderbird will select Bob's key, because it will naturally be unaware that Bob isn't the intended recipient.
Video doesn't work in Firefox...
Indeed I can confirm this, doesn't work on my Firefox 6 on 64-bit Linux.
Works with Chrome though.
- Analysis iPhone 6: The final straw for Android makers eaten alive by the data parasite?
- First Crack Bloke buys iPHONE 6 and DROPS IT to SMASH on PURPOSE
- First Fondle Register journo battles Sydney iPHONE queue, FONDLES BIG 'UN
- Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
- TOR users become FBI's No.1 hacking target after legal power grab