| |||||||||||||
Fraudulent *.google.com certificate issuedFraudulent *.google.com certificate issuedPosted Sep 3, 2011 11:54 UTC (Sat) by raven667 (subscriber, #5198)In reply to: Fraudulent *.google.com certificate issued by dashesy Parent article: Fraudulent *.google.com certificate issued
It is worth pointing out that the DigiNotar compromise may likely result in a loss of life, that is not an overreaction, highlighting how the amount of trust put into CAs is probably misplaced
(Log in to post comments)
Fraudulent *.google.com certificate issued Posted Sep 3, 2011 19:52 UTC (Sat) by endecotp (guest, #36428) [Link]
> It is worth pointing out that the DigiNotar compromise may
> likely result in a loss of life
That would require that the supposed dissident were actually using their e.g. gmail email account to discuss incriminating matters. I consider SSL to be strong enough to protect my credit card numbers, but that's a long way from saying that I would trust my life to it. I would hope that people in that position would think very carefully about what sort of communication they would trust.
Fraudulent *.google.com certificate issued Posted Sep 6, 2011 18:09 UTC (Tue) by dashesy (subscriber, #74652) [Link]
A citizen journalist (well it means an ordinary guy with a cellphone) takes a video showing violent crackdown on street unrest. Later she sends the video to Youtube, which is linked against her Gmail account. It is not exactly discussing incriminating matters. In fact government cannot arrest people for daily jokes they make about Ahmadinejad, because they may have to put everyone behind bars then.
You are right however, one should take extra precautions. No matter what the odds or reason to be arrested for, it only takes a hard enough blow to head to be considered dead. Together with a transparent proxy, a dummy Gmail account does not waist too much bits and bytes.
|
|||||||||||||