Emacs & TLS
Emacs & TLS
Posted Jul 12, 2018 20:26 UTC (Thu) by xtifr (guest, #143)In reply to: Emacs & TLS by mjthayer
Parent article: Emacs & TLS
Posted Jul 13, 2018 7:22 UTC (Fri)
by mjthayer (guest, #39183)
[Link] (1 responses)
True, but the line between facilitating and encouraging is rather fine, especially if those others are starry-eyed. And perhaps I should have also said something about people who did not choose to be involved getting caught in the cross-fire between thugs and those opposing them.
Posted Jul 19, 2018 5:38 UTC (Thu)
by Garak (guest, #99377)
[Link]
Emacs & TLS
Thugs and Rigged Systems
Pinning is what is done by sites like gmail to prevent third world dictatorships from using stolen certificate credentials to spy on their citizens. People who have been victims of this have had their email read, been arrested by state security forces for dissent, and have been tortured to death for lack of certificate pinning working in their browsers.
This reads too much like the opposite of "GMail will not save you". The phrase 'Citation Needed' also comes to mind. I find it very, very, very hard to believe that 'lack of certificate pinning working in their browsers' would have truly made all the difference in that/those specific examples if they really happened. I don't discount the theoretical plausibility of such a scenario- sure, one could write a screenplay where exactly that happened. But I think it's important to remember that there are a lot of state security forces out there with varying degrees of skill, competence, resources, etc.
If you live under a 'third world dictatorship' that 'tortures to death' 'dissenters', I would strongly advise not using crypto at all, or rather, using computers like everyone else does, but assuming the crypto is broken (like it undoubtedly is, or will become at some point). If you can't work your organized dissent without depending on crypto, I doubt it's going to work out well in the long run. $0.02... Good Luck.