From: dpreed@reed.com
To: "Maciej Soltysiak" <maciej@soltysiak.com>
Cc: cerowrt-devel@lists.bufferbloat.net
Subject: Re: [Cerowrt-devel] Nokia decrypts user's HTTPS to compress to improve speed
Date: Thu, 10 Jan 2013 09:58:00 -0500 (EST) [thread overview]
Message-ID: <1357829880.67618376@apps.rackspace.com> (raw)
In-Reply-To: <CAMZR1YAFhAs=_7hAiAjX12_QSBYxpFx1gUjEtwk-DjgimVKR0Q@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1366 bytes --]
I'm curious if they have data about how much compression they are achieving? Most HTTPS servers are set up by people who use quite a bit of compression in the payload (gzip of web pages, etc, "minification" of javascript), so I would hypothesize that the actual savings are minimal on the average.
However, it points out that there is a man-in-the-middle problem with HTTPS alone. Your phone's browser should be checking the certificates more rigorously than it does. It can do that quite easily, and I think the destination can do that in Javascript that comes with the pages.
"We don't look" is not a defense in the EU privacy regime, and probably not in the US one (though many US Senators think that ISP's looking at content is just fine).
-----Original Message-----
From: "Maciej Soltysiak" <maciej@soltysiak.com>
Sent: Thursday, January 10, 2013 9:46am
To: cerowrt-devel@lists.bufferbloat.net
Subject: [Cerowrt-devel] Nokia decrypts user's HTTPS to compress to improve speed
[http://yro.slashdot.org/story/13/01/10/1356228/nokia-admits-decrypting-user-data-claiming-it-isnt-looking] http://yro.slashdot.org/story/13/01/10/1356228/nokia-admits-decrypting-user-data-claiming-it-isnt-looking
Have a look at what corporations resort to when they're in need of serious debloating and things like TCP Fast Open? :-|
Regards,
Maciej
[-- Attachment #2: Type: text/html, Size: 1831 bytes --]
next prev parent reply other threads:[~2013-01-10 14:58 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-01-10 14:46 Maciej Soltysiak
2013-01-10 14:58 ` dpreed [this message]
2013-01-10 15:44 ` Michael Richardson
2013-01-10 16:50 ` Maciej Soltysiak
2013-01-10 21:51 ` dpreed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/cerowrt-devel.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1357829880.67618376@apps.rackspace.com \
--to=dpreed@reed.com \
--cc=cerowrt-devel@lists.bufferbloat.net \
--cc=maciej@soltysiak.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox