Stories
Slash Boxes
Comments

SoylentNews is people

Honoring Peter Eckersley, Who Made the Internet a Safer Place for Everyone

posted by hubie on Thursday September 08 2022, @11:57PM   Printer-friendly

upstart writes:

Honoring Peter Eckersley, Who Made the Internet a Safer Place for Everyone:

With deep sadness, EFF mourns the loss of our friend, the technologist, activist, and cybersecurity expert Peter Eckersley. Peter worked at EFF for a dozen years and was EFF's Chief Computer Scientist for many of those. Peter was a tremendous force in making the internet a safer place. He was recently diagnosed with colon cancer and passed away suddenly on Friday.

The impact of Peter's work on encrypting the web cannot be overstated. The fact that transport layer encryption on the web is so ubiquitous that it's nearly invisible is thanks to the work Peter began. [...]

While encrypting the web would have been enough, Peter played a central role in many groundbreaking projects to create free, open source tools that protect the privacy of users' internet experience by encrypting communications between web servers and users. Peter's work at EFF included privacy and security projects such as Panopticlick, HTTPS Everywhere, Switzerland, Certbot, Privacy Badger, and the SSL Observatory.

His most ambitious project was probably Let's Encrypt, the free and automated certificate authority, which entered public beta in 2015. [...]

By 2017 it had issued 100 million certificates; by 2021, about 90% of all web page visits use HTTPS. As of today it has issued over a billion certificates to over 280 million websites.

[...] Peter left EFF in 2018 to focus on studying and calling attention to the malicious use of artificial intelligence and machine learning. He founded AI Objectives Institute, a collaboration between major technology companies, civil society, and academia, to ensure that AI is designed and used to benefit humanity.

Original Submission

 
This discussion was created by hubie (1068) for logged-in users only, but now has been archived. No new comments can be posted.
Honoring Peter Eckersley, Who Made the Internet a Safer Place for Everyone | Log In/Create an Account | Top | 4 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)

  • (Score: 3, Informative) by Anonymous Coward on Friday September 09 2022, @03:00AM

    by Anonymous Coward on Friday September 09 2022, @03:00AM (#1270876)

    While I never looked to see who wrote it, I've enjoyed Privacy Badger for many years. Not quite the same as an ad blocker, it blocks pages with trackers. In general everything "just works" for my browsing and only a limited number of adds and other annoyances get through.

  • (Score: -1, Troll) by Anonymous Coward on Friday September 09 2022, @07:03AM

    by Anonymous Coward on Friday September 09 2022, @07:03AM (#1270889)

    The impact of Peter's work on encrypting the web cannot be overstated.

    And quite easily too.

    "Without Peter's work, billions would have died from the grey goo apocalypse."

    "Peter's work has eliminated cyber-crime everywhere in the solar system."

    "The work that Peter has done saved just one company Click here to see which one! [dewey-cheatham-howe.com] USD$500 Trillion, let alone the other 800 million corporations that have each saved at least USD$40 Billion."

    I could go on, but one gets the point, no?

  • (Score: 2, Interesting) by Anonymous Coward on Friday September 09 2022, @05:39PM

    by Anonymous Coward on Friday September 09 2022, @05:39PM (#1270987)
    Looking at that diagram with the smiley face I don't see how what he did actually helped that much in making things safer. Because the plaintext bit is between Google's front end servers and their other servers. e.g. the threat was within Google's systems itself.

    So none of that TLS, HTTPS everywhere or Let's Encrypt stuff would have helped. And do you really want to bet that that applied only to Google?

    Thus I'd say Snowden did more to improve actual security if Google etc really secured things vs the NSA etc as a result of his leaks.

    Secondly most of the popular browsers by default still don't warn you about CA changes for a site's cert. Yes there's stuff like HSTS but I prefer a solution that is under my control - not involuntarily forced onto my browser. And also the browsers keep doing scary warnings over self-signed certs. The fact is self-signed certs can actually be safer. After all the same concept works for SSH - you can check the cert fingerprint of your ssh server or bank website and if it's OK you could tell your SSH client, web browser - this cert is OK, just warn me if it ever changes in the future. And that's actually safer than the current system where random CAs could be tricked into signing fake bank cert and your browser might trust it and never warn you.

    That said I am grateful for Let's Encrypt since it makes whitewashing security much cheaper - e.g. people don't get scary warnings on their browsers when they visit my sites. Makes putting on the show much cheaper. Those "security" people say 1 year certs are more secure than 2 year certs and force everyone to no longer support 2 year and longer certs, so using their logic it means Let's Encrypt's 90 day certs are even safer than 1 year certs ;). Go think about that on whether the industry is really about security or it's about something else.

  • (Score: 0) by Anonymous Coward on Friday September 09 2022, @11:41PM

    by Anonymous Coward on Friday September 09 2022, @11:41PM (#1271049)

    Wonderful. I'm going to found an institute to ensure tools are only used to benefit humanity. Words too. Send donations asap.

(1)