UK Wants to MITM SSL Connections to Facebook/Gmail

The UK Government wants ISP’s to record secure transmission of messages with services like Facebook and Gmail, which are currently using SSL. I’d be curious to know how the UK government actually plans to pull this off. To pull that off they’d need to get browsers to include their root certificate so they can MITM Gmail and Facebook. I can’t see that happening.

Of course anyone really wanting to do something criminal will just employ a VPN to tunnel past these ISP’s, or encrypt messages using GPG. Therefore, I don’t see what the point is.

In The News Internet

The Web As We Know It Is Being Threatened

From Scientific American:

The Web as we know it, however, is being threatened in different ways. Some of its most successful inhabitants have begun to chip away at its principles. Large social-networking sites are walling off information posted by their users from the rest of the Web. Wireless Internet providers are being tempted to slow traffic to sites with which they have not made deals. Governments—totalitarian and democratic alike—are monitoring people’s online habits, endangering important human rights.

If we, the Web’s users, allow these and other trends to proceed unchecked, the Web could be broken into fragmented islands. We could lose the freedom to connect with whichever Web sites we want. The ill effects could extend to smartphones and pads, which are also portals to the extensive information that the Web provides.

– Tim Berners-Lee

The same web we credit with promoting freedom and taking down dictatorships is under attack itself. Will the web in 10 years still have the power to shift political power?

Tim Berners-Lee may know a thing or two about the web.

Personal Photos

The Outer Banks NC, Washington DC

Summer vacation along the east coast visiting The Outer Banks and Washington DC


Copyright Office Compatibility Update

Macworld notes that the W3C objects to the Copyright Office Browser Compatibility plan (I mentioned this a few weeks ago). There are two particular quotes I wanted to share:

While stressing that the W3C is not criticizing Internet Explorer, the W3C officials said the office would be placing limitations on users of the Mac OS, Linux and Unix, who may have incompatible browsers. Cell phone and PDA users, and persons with disabilities also may be affected, Berners-Lee said.

So well said of Berners-Lee. What about Linux users? Where do they download the latest Internet Explorer? The Mac version is the same as the PC version in name only.

The W3C also stressed that the Web “was born and achieved widespread use only because of a commitment to open, vendor-neutral standards.”

I think that sums things up rather well. Not just about the problem with this proposal, but the problem facing the Internet in general. It applies to some patents, and to some monopolies.

You can find the complete W3C letter here.


Copyright Office Compatibility

According to the Copyright Office:

At this point in the process of developing the Copyright Office’s system for online preregistration, it is not entirely clear whether the system will be compatible with web browsers other than Microsoft Internet Explorer versions 5.1 and higher. Filers of preregistration applications will be able to employ these Internet Explorer browsers successfully. Support for Netscape 7.2, Firefox 1.0.3, and Mozilla 1.7.7 is planned but will not be available when preregistration goes into effect. Present users of these browsers may experience problems when filing claims.

According to the website, the comment and 5 copies should be sent to:

Copyright GC/ I&R
P.O. Box 70400
Southwest Station, Washington, DC 20024-0400

I won’t go as far as a “call to action”, since support “is planned”, though this is very concerning to Mac and Linux users in addition to all Firefox users. Let them know that everyone should be able to access the system, regardless of your computer or browser.

I’ll try and follow this, and post an update when more information is available.

[Hat tip: CNet News]

In The News Politics Security

Real ID

Well obviously this stuff has been in the news a lot in the past 48 hrs. It’s interesting that it appears nobody in the senate even read this thing or they would have noticed some mistakes. According to the bill everyone must have one with their real home address on it. No PO Box, no business address, no aliases. The real deal, no exceptions. Who should have gotten an exception?

  • Police – especially undercover, and NARC’s whose lives are in danger as people are always trying to kill them.
  • Judges – we know very well that there are people willing to do harm to judges that don’t rule in their favor.
  • Prosecutors – also very hated by many people who would love for a card that has their home address
  • Elected Officials – who doesn’t hate them?

It should be noted that Title VII of the Civil Rights Act has several notable (and unethical) exceptions: Religious corporations, Bona fide tax exempt private clubs, Indian tribes, Elected state & local officials, their assistants, and immediate adviser’s, Jobs requiring national security clearance. That’s right. in 1964 the compromise was that while corporations could no longer discriminate in hiring, elected officials had the right to do so. They exempt themselves from the then controversial law so they could continue discrimination.

This time, nobody even an undercover cop or a judge has a legal means of not carrying an ID with their home address on it. Can you imagine the consequences now of a judge who accidentally looses their wallet or gets robbed?

Talk about inverted history. The Civil Rights Act should have no loopholes, meanwhile and this new Real ID bill should have exceptions for law enforcement so they can keep their families safe.

That about proves it. Nobody read the bill cover to cover. If they did: they would have at a minimum exempted judges, cops and some Homeland Security employees.

Oh yea, they are considering using RFID or equivalent technology for it. That means nobody needs to physically steal the card. Within a year or two of it coming out someone will hack around whatever encryption is on there. You don’t physically need the card, just get close enough to get the data off of it.

If I were a Judge putting the bad guy away, I’d be concerned about my own safety. That’s not a good thing.

I propose a minimum 10 year federal jail sentence for each time a lawmaker votes on (for or against) a bill they didn’t personally read cover to cover. Stuff like this episode a few months ago should result in a real jail for anyone who voted without reading (all of them, since nobody caught it). They are paid by tax dollars and entrusted to read and vote on laws. If they aren’t reading, they aren’t really voting. They are paid for nothing. That’s fraudulent.




This is the best thing I’ve heard in ages:

So true, so true. And F**** you Bush, F*** you Cheney, F*** Asscrot, F*** you FCC.


In The News Politics

Do not call list

They better get the Do Not Call List working soon. Apparently there have been some legal issues.

I can’t stand telemarketers. They drive me nuts. Don’t want to buy anything from some con-artist over the phone. The fact that a company uses telemarketing makes it an invalid company in my mind.

There’s no need to call, because I will not pay, buy, or vote for anything telemarketed. It just crosses you off my list.


In The News

Flight 93

Interesting report surfaced about Flight 93… wonder how long until people sue the federal government claiming the FBI made it up.