Kevin’s Techdirt Profile


About Kevin

Kevin’s Comments comment rss

  • Aug 25th, 2017 @ 2:00pm

    Re: Re:

    This is just the formal ending, the program unofficially ceased on January 29th, 2015.

    The latest Choke Point letter is a response to a request from August 10th, predating Charlottesville. The official termination of the program has nothing to do with "Racists" -- Non-partisan groups like ACA International have been pushing for this change for years

  • May 12th, 2017 @ 1:15pm

    Re: Re: Re: Re: Re: Re: Re: Re: Just Checking

    While requiring some sort of psych eval might sound attractive, take a look at the complaints against the system in parts of Rhode Island to see how this is abused.

    Forget having a psychologist sign-off, I'd like to see a simple spelling test before people are issued a Twitter ID.

  • Nov 30th, 2014 @ 2:01pm

    Re: SSL

    The same BlueCoat Proxy technology that Syria was caught using can Man-In-The-Middle (MITM) SSL interception, so https everywhere is not a panacea against hostile regimes! Even without breaking SSL, a firewall can still detect the website being accessed (through lookup tables or TLS+SNI), so when everything goes to https, blocking by domain will still succeed.

    For more granular blocking, Syria would need to break SSL/TLS through MITM. Browsers detect these privacy breaking proxies, so for users to not see warning messages, the "attacker" needs a Certificate Authority (CA) signing certificate that the user trusts, either control of a CA that is in the default key set shipped with the OS or browser, or the ability to push a key down to the client.

    As a measure of security, the latest Firefox includes "Public key pinning" which limits which signing certificates will be trusted for a small set of very popular and often-targeted HTTPS sites, including Twitter.

    Realistically, hostile environments with no need to stealth will just force MITM on all sessions and block anything that looks like encrypted traffic (e.g. Tor). It's not like Syria has to worry about their reputation getting any worse.

  • Nov 30th, 2014 @ 1:46pm

    Re: twitter was caught?

    twitter was caught scanning peoples hard-drives for 'unlicensed' software but then tried pathetically to claim it was doing this for the good of it's users.

    That's news to me. I know Steam was caught scanning users HDs for cheat tools, maybe that's what you are thinking of?

    Specifically, I've never heard of any social platform that scanned user hard-drives for 'unlicensed' software, only gaming platforms.

  • Oct 14th, 2009 @ 8:09am

    Re: Re: Look at both sides of the issue

    Even if Skype were to share their encryption code, if it's properly implemented knowing how the software is written will not allow for eavesdropping.

    For that, Skype would need to share their encryption keys, which they won't admit to having shared with any outside agency.

    You think Skype pisses them off, wait until people start using Zfone in any substantial way.