Post AIZRf86zSBbfHsjHTU by adnan360@mas.to
 (DIR) Post #AIZRYtMBOooJmvrRvU by adnan360@mas.to
       2022-04-18T10:13:31Z
       
       0 likes, 0 repeats
       
       I was accessing a website today and checking the #SSL/#TLS certificate, it turns out that it's from Amazon! That was a #FOSS project using a certificate from #GAFAM family.
       
 (DIR) Post #AIZRYu5Yg76g3f5geW by adnan360@mas.to
       2022-04-18T10:19:20Z
       
       0 likes, 3 repeats
       
       We know that #cloudflare has access to everything the user does, #unencrypted, on a website. [https://serverfault.com/a/662951] TLS/SSL can be #MITM attacked by powerful organizations to expose unencrypted content, including user passwords. [https://wiki.openrightsgroup.org/wiki/TLS_interception, https://www.makeuseof.com/tag/what-is-root-certificate/, https://security.stackexchange.com/a/71261]
       
 (DIR) Post #AIZRf86zSBbfHsjHTU by adnan360@mas.to
       2022-04-18T10:23:23Z
       
       0 likes, 1 repeats
       
       Do you want to use your own self-signed certificate to protect against it? Too bad. Popular software is gradually breaking or stopping supporting this functionality in the name of security or complaining that it's too complex to maintain. This includes free and open source projects. Those projects suggest using #letsencrypt instead, which being a western organization is not immune to coercion. So back to square one.
       
 (DIR) Post #AIZRf8rmeD2Ld0cePY by gabriel@mstdn.starnix.network
       2022-04-18T10:25:26Z
       
       0 likes, 0 repeats
       
       @adnan360 Those projects suggest using #letsencrypt instead, which being a western organization is not immune to coercion. So back to square one. I am pretty concerned about this. As far as I'm aware the only other contingency would be Tor hidden services (or similar options)
       
 (DIR) Post #AIZRmLd1b5pZEg9fxw by adnan360@mas.to
       2022-04-18T10:24:22Z
       
       3 likes, 2 repeats
       
       If we can't trust cloudflare, how can we trust HTTPS? And if we can't trust HTTPS maybe it's time we start using something else? Perhaps .onion or .i2p services? #hiddenservices #tor #i2p #i2pd #eepsites
       
 (DIR) Post #AIZRs5N2xKZwYDPwUC by mint@ryona.agency
       2022-04-18T10:27:41.171387Z
       
       1 likes, 1 repeats
       
       @adnan360 >GAFAM
       Call it FAGMAN, don't be afraid.
       
 (DIR) Post #AIZRw7T36NvSDE9GYC by adnan360@mas.to
       2022-04-18T10:28:30Z
       
       0 likes, 0 repeats
       
       @gabriel Yes. This way we don't have to trust any other party. The communication is end to end encrypted and protected by tor. Data goes directly between server and user, with just the network to think about.