fsebugoutzone.org:9999

       Post AcF9Fs0ENTAI5LwBlI by karlieeuh@mastodon.social
 (DIR) More posts by karlieeuh@mastodon.social
 (DIR) Post #AbZV8c8Fld5nYKrZ5c by eff@mastodon.social
       2023-11-07T18:29:12Z
       
       2 likes, 12 repeats
       
       HTTPS encryption for EU residents is at risk, as the soon-to-be-passed Article 45 removes browsers’ control over security for their users. https://www.eff.org/deeplinks/2023/11/article-45-will-roll-back-web-security-12-years
       
 (DIR) Post #AbZgBOsIc4XMngvpEO by nanook@friendica.eskimo.com
       2023-11-07T20:37:56Z
       
       0 likes, 0 repeats
       
       Encryption or lack of it also affect non-EU members, NOT OK.
       
 (DIR) Post #AbZhLU5GCVJ3o2MmO0 by darkware@infosec.exchange
       2023-11-07T20:48:54Z
       
       0 likes, 0 repeats
       
       @eff They can&#39;t do it. They have no right to.
       
 (DIR) Post #AbZhLYM4Jx813KGG8m by nanook@friendica.eskimo.com
       2023-11-07T20:50:14Z
       
       0 likes, 0 repeats
       
       @darkware @eff Nothing short of a WW has stopped Germany from doing what it wanted to in the past.
       
 (DIR) Post #AbZjhub2VYiQJR3LGK by nanook@friendica.eskimo.com
       2023-11-07T21:17:27Z
       
       0 likes, 0 repeats
       
       The real solution to this is to create a separate public domain certificate registry that is based somewhere that doesn&#39;t pass these kind of bullshit laws like Iceland.  Then we can have a system we can actually trust and that doesn&#39;t rape us annually.
       
 (DIR) Post #AbZs2gOnHwWlzhjyRU by travis@nodespace.social
       2023-11-07T22:47:46Z
       
       1 likes, 0 repeats
       
       @eff I keep asking, but I never get an answer. Why does the EU hate the Internet so much?
       
 (DIR) Post #AbZs2lsOvIBIyydBmi by nanook@friendica.eskimo.com
       2023-11-07T22:50:51Z
       
       0 likes, 0 repeats
       
       @travis @eff Perhaps because people being able to communicate directly gets rid of the need for a good portion of goberment.
       
 (DIR) Post #AbapYOhGXBgFedltMO by mcfly@milliways.social
       2023-11-08T09:43:57Z
       
       0 likes, 0 repeats
       
       @eff so - how is that supposed to work with open source browsers?I think that would be really hard to verify and users can easily be non-obedient.Criminals will just use open source software repositories from outside of the EU.
       
 (DIR) Post #AbapYPvTxoe9T1Ql9s by nanook@friendica.eskimo.com
       2023-11-08T09:57:18Z
       
       0 likes, 0 repeats
       
       @mcfly @eff The idea is if they make the keys available to goberment, then goberment can install man-in-the-middle attacks to see whatever they want.
       
 (DIR) Post #AbavaUdg0oHKO6TWts by mcfly@milliways.social
       2023-11-08T10:54:59Z
       
       0 likes, 0 repeats
       
       @nanook @eff I understand the text in a way that in the certificate storage of a Browser there needs to be the certificates that the EU member states wants to be in there. (which they obv have the keys to). It also enforces that certain security checks are not done on that certificate. I guess that points to HSTS and certificate pinning.  The proposed law text talks specifically over the browser, certificates within the browser and security checks the browser is allowed to do. And that just sounds really stupid. I can just delete certificates or - when the browser vendor makes that impossible - get a browser from outside of the EU. As someone who does this security in software development i can even build my own browser  and install that. There is no key retention over the certificate keys. Its plainly teh same approach than a SSL interception device in a company.Maybe in communication we should not only point out that this is a really stupid idea for internet security and safety but also super trivial to bypass for malicious actors.
       
 (DIR) Post #AbavaVaWU1LlKc0Wci by nanook@friendica.eskimo.com
       2023-11-08T11:05:09Z
       
       0 likes, 0 repeats
       
       @mcfly @eff I haven&#39;t read the word of the law so don&#39;t have a full understanding of it, but even now when I look at Linux, there are Microsoft keys there, I don&#39;t trust them anymore than government.
       
 (DIR) Post #AbdAJRJV0gIwmPHdr6 by istvan@noagendasocial.com
       2023-11-09T12:59:49Z
       
       1 likes, 0 repeats
       
       @travis @eff Because it’s the last place people can semi-anonymously take the piss out of their leaders.
       
 (DIR) Post #AbdEeatGzv2mNdMKqu by gvs@rebelbase.site
       2023-11-09T13:48:26.990815Z
       
       1 likes, 0 repeats
       
       The take away is that when this passes, we should distrust all CA&#39;s and verify certificates on important servers another way.BTW, this attack was already used against a Russian xmpp server at Hetzner. The trust model is fundamentally broken
       
 (DIR) Post #AcF8rEGiSMRNtztmJk by jeffcliff@shitposter.club
       2023-11-27T20:42:29.995139Z
       
       0 likes, 0 repeats
       
       so...how did this go?
       
 (DIR) Post #AcF95juraXj06qb2Cu by jeffcliff@shitposter.club
       2023-11-27T20:45:09.620656Z
       
       0 likes, 0 repeats
       
       we should be doing that anyway tbh
       
 (DIR) Post #AcF9B1fyz6iIdg9mYC by jeffcliff@shitposter.club
       2023-11-27T20:46:07.001606Z
       
       0 likes, 0 repeats
       
       because the internet, at least in principle, allows people to coordinate and communicate without the permission of the central soviet^WEU commission.
       
 (DIR) Post #AcF9Chi2By9LI9utBg by cshentrup@mastodon.social
       2023-11-08T01:09:23Z
       
       1 likes, 0 repeats
       
       @eff holy shit the eu is fucked.
       
 (DIR) Post #AcF9FD4kXlPz9Ujic4 by jeffcliff@shitposter.club
       2023-11-27T20:46:52.333090Z
       
       0 likes, 0 repeats
       
       remember that next time someone complains about brexit (or russia in ukraine)
       
 (DIR) Post #AcF9Fs0ENTAI5LwBlI by karlieeuh@mastodon.social
       2023-11-08T06:26:02Z
       
       1 likes, 0 repeats
       
       @eff @lolopb “you get ZScaler! you get Zscaler! every one gets Zsscaler!”
       
 (DIR) Post #AcF9GoMvNFmR6X08Bc by fluxwatcher@mastodon.social
       2023-11-07T21:05:37Z
       
       1 likes, 0 repeats
       
       The worst part of all is that you won&#39;t find any serious sources (at least in #Spain) talking about it and addressing the problem.This self-damaging provincial attitude will cost us dearly.@eff #eIDAS2 #Europe #Privacy
       
 (DIR) Post #AcF9In43C8lddc7ILQ by lanartri@mastodon.social
       2023-11-07T18:42:48Z
       
       1 likes, 0 repeats
       
       @eff for other countries, europian people easily told “why don’t you fight with dictatorship?”, now we’ll see them
       
 (DIR) Post #AcF9IpCdFCouGo9Azw by lanartri@mastodon.social
       2023-11-07T18:48:55Z
       
       0 likes, 0 repeats
       
       @eff and let’s see what browsers will do, for similar issue mozilla’s blog against kazakhstan government,https://blog.mozilla.org/netpolicy/2020/12/18/kazakhstan-root-2020/
       
 (DIR) Post #AcFPkbZ58qYpLcurxY by caekislove@gleasonator.com
       2023-11-27T23:51:48.499602Z
       
       1 likes, 0 repeats
       
       @jeffcliff @cshentrup @eff EUians voted for oppression and boy oh boy has Brussels delivered on its promises!