I'd like to get rid of pulseaudio but ... (Gene Heskett)
Gene Heskett
gene.heskett at verizon.net
Sun May 31 18:59:55 UTC 2009
On Sunday 31 May 2009, Chris Adams wrote:
>Once upon a time, Kevin Kofler <kevin.kofler at chello.at> said:
>> Most likely it's just a self-signed SSL certificate. Very common, and
>> Firefox stupidly throws a fit over it (which is dumb because it encourages
>> sites to just use unencrypted HTTP instead, which is even less secure, yet
>> gets through with no warning). Just OK the certificate.
>
>HTTPS with an unknown self-signed cert is barely any more secure than
>unencrypted HTTP, since a man-in-the-middle attack could just be
>replacing the cert and decrypting all communications.
>
>However, the reason to "throw a fit" is that end-users have been trained
>that "HTTPS == secure". They know that HTTP is not secure, but they
>don't know the details of how SSL/TLS work to know that "HTTPS with
>unknown cert != secure".
+1000
>--
>Chris Adams <cmadams at hiwaay.net>
>Systems and Network Administrator - HiWAAY Internet Services
>I don't speak for anybody but myself - that's enough trouble.
Yeah, my mouth has been known to write checks I then had to cover. :)
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
The NRA is offering FREE Associate memberships to anyone who wants them.
<https://www.nrahq.org/nrabonus/accept-membership.asp>
A closed mouth gathers no foot.
More information about the fedora-list
mailing list