Secure Messaging in Ubuntu
Karl Auer
kauer at biplane.com.au
Sun Sep 8 10:52:08 UTC 2013
On Sun, 2013-09-08 at 12:21 +0200, Alan Holt wrote:
> I disagree,
Me too.
> NSA use stolen SSL certificates or they ask to get real one from companies
> like Google or Yahoo. To decrypt 2048 bit SSL is physically unpossible.
Also, SSL (and it's use on the web) is just one form of online
encryption. It has always been vulnerable to non-cryptographic attack -
there have been several high-profile compromises of certificate
authorities, for example.
At risk are all forms of communication[1] that rely on trusted third
parties, especially and particularly American ones, because these
parties have shown that they *cannot* be trusted. Some are known to have
cooperated (possibly unwillingly), with criminals such as the NSA. And
that puts the rest of them under suspicion.
Regards, K.
[1] Such as SSL, S/MIME, and any VPN not using self-generated
certificates...
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389
GPG fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
Old fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017
More information about the ubuntu-users
mailing list