Return Styles: Pseud0ch, Terminal, Valhalla, NES, Geocities, Blue Moon.

Pages: 1-

/prog/rider can't SSL.

Name: Anonymous 2017-02-21 5:31

Wave googbye privacy.

Name: Anonymous 2017-02-21 5:44

Why do you expect to have privacy on the open web and progrider? If you want privacy on the Internet, you have to use the proper tools and techniques.

Name: Anonymous 2017-02-21 6:17

So what exactly would be the advantage of having secure communication on a site like this?
I can think of 2 pointless scenarios:
- someone might intercept and read my message while submitting it to the public?!?
- someone might impersonate me (I'm this ``Anonymous'' guy, by the way) and change the content of my message to defame me?!?

Name: Anonymous 2017-02-21 6:20

>>3
Not all of us are Anonymous...

Name: Tom 2017-02-21 6:22

ANONYMOUS COWARD USE YOUR REAL NAME COWARDS

Name: Anonymous 2017-02-21 8:00

>>3
the fact that you don't know it despite being a /prog/rammer is indicative of the failure of cryptonerds to explain their ideas. the problem with unencrypted communication on a site like this is that an attacker can trivially MITM the connection and modify the content of the site. this can be funny if he just replaces everything written by Cudder with goatse but not so much when he puts browser exploit kits in there and you end up with a fuckton of ransomware.

Name: Anonymous 2017-02-21 10:36

>>1
What on earth are you talking about? I am currently connected to this site using TLS 1.2.

>>6
If your browser has known exploits you have bigger problems than someone MITMing progrider.

Name: Anonymous 2017-02-21 10:42

>>6
Actually this is the problem with unauthenticated communication, not unencrypted communication.

Name: Anonymous 2017-02-21 10:58

>>7
l2defense-in-depth

>>8
you're right, but authenticated communication is also a cryptographic problem and the algorithms used for it are based on cryptographic primitives (e.g. TLS creates keys with DH and then uses them for HMAC which is based on cryptographic hashing).

Name: Anonymous 2017-02-21 11:23

>>9
but authenticated communication is also a cryptographic problem
And? Authentication is still a different problem which solves totally different things.

TLS creates keys with DH
You can use static RSA/DSA keys
Or use ECDH(E) instead and thus generate some form of ECC keys.

and then uses them for HMAC
HMAC is entirely optional. You do not need it if you use GCM or something like Chacha20 + Poly.

Name: Anonymous 2017-02-21 11:30

Your ISP can see what your post if you don't use SSL or a invalid SSL.

Name: Anonymous 2017-02-21 12:08

>>11
What on earth is ``a invalid SSL'' supposed to mean?

Name: Anonymous 2017-02-21 12:14

>>12
Out of date! Admin-nigger-kike can't update a free SSL, FUCKING JEWS.

Name: Anonymous 2017-02-21 12:18

>>13
Don't talk about crap that you have no idea about please.

Name: Anonymous 2017-02-21 12:19

>>10
You can use static RSA/DSA keys
RSA is a pretty horrible idea though

Name: Anonymous 2017-02-21 12:24

>>15
How so? Most servers sign their DH/ECC keys with RSA.
If you talk about static RSA/DSA keys however then I will agree, is indeed quite evil.

Name: Anonymous 2017-02-21 12:26

>>16
yes, I meant static RSA/DSA without DH/ECC.

Name: Anonymous 2017-02-21 17:56

Don't trust sites with dead SSL's

Name: Anonymous 2017-02-21 18:13

>>18
Stop posting.

Name: Anonymous 2017-02-21 23:39

>>19
When the Jew-admin-Nigger fixes the ssl

Name: Anonymous 2017-02-22 10:19

>>20
It's not broken though.

Name: Anonymous 2017-02-23 3:13

DUCKZ
Don't change these.
Name: Email:
Entire Thread Thread List
All trademarks and copyrights on this site are owned by their respective parties. All comments and posts are the responsibility of their own posters.
- Tinychan + 2ch Mode + RSS -