Will LetsEncrypt work? Who's to say. I hope so. There are several problems with SSL right now, perhaps the biggest of which is that we're supposed to pay for certificates. A system that makes you pay extra to be secure is one which advocates, explicitly, insecurity.
Oh, I can use CACert, and I do and I like it, but then servers might not talk to my server and Google might downrank me. Plus, my relatives who aren't computer-savvy get confused and tell me my site is broken. That's not so bad ... education is important, so I explain to them no, it's actually safe and here's why. Or I can use StartSSL, but then I can't revoke certificates without paying, and anyway StartSSL's web interface is annoying to operate.
Can anyone explain to me why federation on pump.io shouldn't work on CACert certificates? Other than, "the library is set up that way". If you want to blame the library, I'm OK with that, but then let's see about changing libraries.
As an aside, older versions of IE crash on self-signed certificates. That was annoying as hell, when my old work machine would crash on loading my personal website.
The CA system has many problems that many of people have articulated in elegant ways, but the biggest, the far biggest problem from my point of view, is that it tells us we have to pay real money if we want to secure our systems. That is just plainly bad.
Still quite early in this project but, KDE connect is looking quite nice so far.
With this set up, I can see notifications from my devices on my desktop, check battery levels, easily transfer files from the devices to my desktop, etc...
More functionality is planned but, so far I'm loving it. ;)
#KDE #Android #awesome
- Augh! Found my load problem on identi.ca. I had a script that was checking for the forever process and restarting it if it was down (yes, I understand recursion). Since I'm running pump.io via upstart now, it was just spinning.
Looks like it's at low load, and it's going to stay there.
In light of recent #NSA news about back doors, let me make some armchair general observations.
As for the NSA asking companies for back doors.
- Probably any major email provider or ISP has been contacted by the NSA and asked for a back door. Possibly other organizations than just the NSA.
- Some companies no doubt agreed, especially those who made money by agreeing, like probably some major phone companies.
- Some companies probably didn't agree except their lawyers said they had to.
- Probably major Linux organizations have had similar requests made.
- If your ISP or email provider has not commented on NSA spying, particularly after you've asked them specifically about it, it probably means they've been complicit in some way. Every company that hasn't been complicit gets an automatic boost in their reputation with all the privacy nuts. (And by privacy nuts I mean to include the majority of Americans, since the majority of Americans value privacy.)
As for #NSA responses and future steps.
- The NSA has learned that they can lie and nothing bad happens.
- Therefore making new rules is pointless, because the NSA will ignore them and lie about it.
- Making new rules could become pointful if the NSA were largely gutted or restructured. But the NSA is very powerful, so this is hard to do.
- Regarding lying about spying, ditto for politicians.
As for spying and abuse of the system.
- Snowden had access and threw away his life as he knew it to reveal secrets.
- Others had as much access.
- Even the NSA doesn't know who has access. That's how many people have access.
- Surely somebody has gotten some information from the NSA's giant data gathering machine and used it to either (a) make money or (b) blackmail people in order to (a) make money or (c) gain power in some fashion. There are (or at least were) too many people with too much access and there's too much money to be made to imagine otherwise.
- If you think the previous point is silly, ask yourself this: Do the greedy shady people outnumber the whistleblowing population?
As for future steps.
- The goal for me, and for most of us, was never to stop all spying or all observation. That's impossible and kind of pointless.
- The goal is to make the excessive and bad spying expensive, either in cash or in resources, and therefore not feasible. As such, using crypto of any kind is a good start, and using better crypto is a good follow-up.
- Decentralization is also very good.
I have finally ordered myself a moka pot... :)
#coffeeShow all 5 replies
- Thunderbird 24 Is Days Away, Mozilla Gets Back To Work http://www.thepowerbase.com/2013/09/thunderbird-24-days-away-mozilla-gets-back-work/
David Nelson likes this.
Now if someone could come up with a study showing using pump.io makes us happy ?!
Evan Prodromou shared this.Show all 6 repliesHypothesis: Pump does not make you said.
Experiment: Test group (Anthony) uses Pump for a period of one month. Control group uses Facebook for one month.
Results: Pump, like statusnet. Is the only social networking software the test group was able to tolerate. Control group ripped off ears and proceeded to eat them.
Conclusions: Pump probably doesn't make you sad.
Just found out that my brother and his girlfriend are expecting. Guess there will be another Pope in the world in early '14. ;)
Want to support FOSS and mobile phones? Here you go. Firefox phone now available in the UK: http://www.ebay.co.uk/itm/ZTE-Open-3G-Unlocked-Firefox-OS-Cellphone-Orange-Ebay-exclusive-/171104024854?pt=UKMobilePhones&hash=item27d6983916 …
axel shared this.
Remember how NSA cheerleaders used to tell you, "Don't use encryption, because it catches the NSA's eye, and then they'll look at you more carefully."
What do we make of that advice now that we know the NSA is looking at everyone carefully? Best I can tell, it means we all gotta use encryption just to make their haystack a haystack full of noise. Then they can have a lot of fun with it all and we won't worry quite as much. :-)
David Nelson likes this.
One of my favorite moments from BarCamp Blackpool.
Freaky Clown "Yes, I'm not very good with names unless they're weird.
Me "Hi there I suspect you have no idea who I am?"
Freaky Clown "I'm afraid not.
Me "My nick is dick_turpin"
Freaky Clown "Oh God yeah, I know you!"
- Flickr down? Now's a good time to check out MediaGoblin, a FOSS photo/video/audio/more sharing system you can run: http://mediagoblin.orgI can't even keep track of the stuff Yahoo is buying up and destroying. So if you didn't already have enough reason to switch to something better this is it. I myself do not have a use for such things yet due to my lack of real non-text-content sharing, but I'll certainly use it when the time comes.