Re: Better late than bleeding edge?
The trouble with the increased encryption is that it makes life for everyone a lot harder than it needs to be and most people get very little benefit from it. People have confused the need to know content is not tampered with the need to hid what you are doing. The ill informed mass move to HTTPS makes everything slower because it kills proxies.
Exactly the same issue with DNS and HTTPS - it's a completely stupid idea and what's worse - it's very hard to block. What this does mean is that going forwards my own top level cert will be installed on machines in my local network and all web traffic will be going via active man-in-the-middle proxying (i.e. my web proxy generates fake SSL certs on the fly and decrypts and re-encrypts traffic). This will allow me to block this mess - however I'm now actively breaking the entire SSL security model.
Kids these days - havne't got a clue :(
1) When I'm browsing the BBC new website - I care that the content I get is from them - but it's public content
Biting the hand that feeds IT
