Skip to main content

Search

Items tagged with: https


 
#torrent #online #torrenttohttps #https #tls #ssl
Anyone heard of ZbigZ? Andyone heard of any alternatives to it?


 
I’m rather shocked that the Metropolitan Police isn’t using #https for their web service. And when you try https things get really weird. http://news.met.police.uk/news/update-arrest-of-julian-assange-365565
Bild/Foto
Bild/Foto
Bild/Foto
Bild/Foto


 
Automatic Certificate Management Environment (ACME) is officially RFC 8555 now:

https://tools.ietf.org/html/rfc8555

"This document describes a protocol that a CA and an applicant can use to automate the process of verification and certificate issuance. The protocol also provides facilities for other certificate management functions, such as certificate revocation."

#acme #certificate #ca #letsencrypt #infosec #cybersecurity #security #https #rfc8555


 
Mhmhm... that's sorta like a slippery slope argument....

I actually discussed a similar thing on #ccc in #ircnet, where someone wanted to embed some #http only(!) 3rd party site/content within his own #https served page....

This is usually impossible if you don't tweak your browser a lot because of defaults introduced because of security concerns.

I would (want to) believe that the same basics apply to file downloads embedded in https sites which point to non-encrypted (aka http/ftp) sources.

But i'm adult enough to know better. Getting your infrastructure up to be able to feed possible tons of downloading users while maintaining completely secured HTTPS (or even FTPS) connections, includes to weaken your very own security to be able to in... show more


 
Mhmhm... that's sorta like a slippery slope argument....

I actually discussed a similar thing on #ccc in #ircnet, where someone wanted to embed some #http only(!) 3rd party site/content within his own #https served page....

This is usually impossible if you don't tweak your browser a lot because of defaults introduced because of security concerns.

I would (want to) believe that the same basics apply to file downloads embedded in https sites which point to non-encrypted (aka http/ftp) sources.

But i'm adult enough to know better. Getting your infrastructure up to be able to feed possible tons of downloading users while maintaining completely secured HTTPS (or even FTPS) connections, includes to weaken your very own security to be able to in... show more


 
Voilà, j'ai mis un serveur #DoH (#DNS sur #HTTPS) temporaire en service juste pour une démo à #JDLL dimanche. https://doh.bortzmeyer.fr/ Ne le cassez pas, j'en ai besoin dimanche ! #soyezSympas

Mais vous avez le droit de le tester avec votre client DoH favori (Firefox, par exemple). Au lieu que ce soit un méchant GAFA qui voit toutes vos requêtes DNS, ce sera moi 😀


 
Fear of Terrorism - not only tor vpn but any form of encryption could become illegal in German - welcome to the 4th Orwellian Reich of mass surveillance

Mark my words: lawyers will destroy this world – their madness just hit a new high


Internet and Privacy activist Anke Domscheidt Berg says, this “roadmap” could lead to banning ANY FORM OF ENCRYPTION, not just tor onion network, which would be complete madness – just think about unencrypted logins!

Man in the middle could siffon your bank account passwords and steal your money.

After DSGVO and Article 3 / content upload filter, this it is just a new round of lawyer-madness.

it also just shows once more how much of a Washington-Puppet state the post-world-war-2 Germany has become and was allowed to be and how much in the Orwellian times we already l... show more


 

New Tools for Detecting HTTPS Interception


The practice of HTTPS interception continues to be commonplace on the Internet. This blog post discusses types of monster-in-the-middle devices and software, and how to detect them.
Article word count: 2306

HN Discussion: https://news.ycombinator.com/item?id=19423470
Posted by grittygrease (karma: 253)
Post stats: Points: 156 - Comments: 55 - 2019-03-18T18:08:10Z

#HackerNews #detecting #for #https #... show more


 
Now, #DoH (#DNS over #HTTPS) at #FOSDEM. By Vittorio Bertola.


 
Nouvelles de l'archive Dogmazic

Bonjour,

auditrices, auditeurs, musiciens et musiciennes conviés sur Dogmazic, pour commencer cette année voici deux bonnes nouvelles de l’archive:

La première, c’est que Aisyk a pu récupérer les droits d’accès au serveur ! Une personne de plus avec les accès, cela signifie plus de souplesse, de réactivité et d’indépendance pour la gestion des problèmes techniques de l’archive. Vous vous en doutez, c’est une très bonne nouvelle 😉

La deuxième, qui est une conséquence directe de la première, c’est que l’accès SSL au site est de nouveau opérationnel, merci à Aisyk et à Florian de s’en être occupé, lors d’un contrib’atelier 🙂

Donc il est de nouveau possible de se connecter au site de mani... show more


 
Verschlüsselung: Open SSL 1.1.1 überzeugt im Sicherheitsaudit #OpenSSL #Datensicherheit #HTTPS #SSL #TLS #Verschlüsselung #Internet #OpenSource #Security


 
I have to reopen #https://github.com/friendica/friendica/issues/5092 again. I would say we really should fix it before we release the new version


 
En changeant le VirtualHost par défaut, Bing ne se récupère plus des 404. "Crawler" sans SNI, en 2018, n'est-ce pas bête ?

#HTTPS


 
On trouve des tas de pubs de vendeurs d'armes numériques pour intercepter et déchiffrer des sessions #HTTPS https://www.symantec.com/products/ssl-visibility-appliance mais elles sont toutes en anglais. Vous en connaissez en français ? (C'est pour un article.)


 
Bon, comme la Terre entière, je suis passé à Let's Encrypt. Ce blog est désormais systématiquement en #HTTPS pour tout le monde. https://www.bortzmeyer.org/passage-blog-lets-encrypt.html


 
Anticipating a world where #HTTPS is the default, #GoogleChrome will stop marking sites #Secure and instead mark sites without it "Not Secure" https://blog.chromium.org/2018/05/evolving-chromes-security-indicators.html

Bild/Foto


 
Der Chrome-Browser kennzeichnet HTTPS-verschlüsselte Webseiten mit einem grünen Vorhängeschloss. Dieser Hinweis soll bald wegfallen, denn das Netz sei "safe by default", findet Google. #Browser #Chrome #Verschlüsselung #https