Yuri
2017-Dec-08 04:47 UTC
http subversion URLs should be discontinued in favor of https URLs
On 12/07/17 15:16, Jason Hellenthal wrote:> The truly paranoid types that don?t want anyone to know they are using FreeBSD apparently. > > Honestly if they are that worried about http then get a private vpn tunnel and run through that instead !Some people aren't aware that they use http, and enable Tor because they think that it improves privacy. It's very easy to use such setup inadvertently. Yuri
Poul-Henning Kamp
2017-Dec-08 07:22 UTC
http subversion URLs should be discontinued in favor of https URLs
-------- In message <83e44188-6e0d-13cc-4b80-d191ac010427 at rawbw.com>, Yuri writes:>On 12/07/17 15:16, Jason Hellenthal wrote: >> The truly paranoid types that don?t want anyone to know they are using FreeBSD apparently. >> >> Honestly if they are that worried about http then get a private vpn tunnel and run through that instead ! > > >Some people aren't aware that they use http, and enable Tor because they >think that it improves privacy. It's very easy to use such setup >inadvertently.And for this reason you want the FreeBSD project to take a politically stupid position in the war between IT-liberalists and all the worlds governments ? No thanks. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Michelle Sullivan
2017-Dec-08 10:29 UTC
http subversion URLs should be discontinued in favor of https URLs
Yuri wrote:> On 12/07/17 15:16, Jason Hellenthal wrote: >> The truly paranoid types that don?t want anyone to know they are >> using FreeBSD apparently. >> >> Honestly if they are that worried about http then get a private vpn >> tunnel and run through that instead ! > > > Some people aren't aware that they use http, and enable Tor because > they think that it improves privacy. It's very easy to use such setup > inadvertently.Ding! Ding! Ding! we have a winner! This is about privacy and anonymity rather than security then... Sorry you want to ensure a secure (trusted) connection you do it yourself. You go through other nodes (switches and routers of the normal internet) you make a choice... do I trust them to deliver my packets untampered with or not? I know there are nodes out there that are doing monitoring and filtering and even returning bad data (accessing a certain 58 servers/IPs in Australia will have all HTTP spoofed to return a static message that has nothing to do with those 58 servers... I now run a proxy on a network I trust and a VPN to that network (all of which are in Australia) and don't have my packets intercepted.) If you're running your connection over Tor, you're running over a second layer with people out there that are not even necessarily trustworthy, many are people that they themselves use Tor for legally questionable actions, many for perfectly valid (though legally questionable) reasons.. (think: penetration testers - even commissioned ones).. but by using Tor you are accepting the risks in the knowledge that your data is traversing a network where people with questionable legal motives/positions... So basically you want everyone to double their resources so that you can risk using an inherently untrustable network in the name of privacy... which in many cases you won't have anyway (because if the person doesn't know they are using http, then there is a pretty good chance they haven't secured their browser so it's spewing tracking cookies and other privacy defeating headers anyhow!) Enough please! Michelle