Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 17 submissions in the queue.
posted by mrcoolbp on Saturday April 18 2015, @01:57AM   Printer-friendly
from the executive-material? dept.

Paul Schreiber blogs about the tech behind the websites of presidential candidates. "So, you want to run a country. Can you hire someone who can run a website? ...Here's how the (declared) candidates' sites fare." There's a table comparing 4 candidates' sites based on HTTPS, URL permutations, IPv6, SSL rating, and other related qualities. Schreiber mentions that he will "update this as more candidates declare or sites change."

From the blog comments

HillaryClinton.com was using IIS (and no https) until Sunday morning, when they switched over.

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Interesting) by Anonymous Coward on Saturday April 18 2015, @04:02AM

    by Anonymous Coward on Saturday April 18 2015, @04:02AM (#172288)

    HTTPS totally falls apart because the CA system is fucking broken.

    You keep going on and on about security, but you totally ignore one of the biggest goddamn security flaws out there.

    Starting Score:    0  points
    Moderation   +2  
       Interesting=2, Total=2
    Extra 'Interesting' Modifier   0  

    Total Score:   2  
  • (Score: 2) by kaszz on Saturday April 18 2015, @10:37AM

    by kaszz (4211) on Saturday April 18 2015, @10:37AM (#172347) Journal

    It's better than nothing security. A quick fix using an existing standard.

    • (Score: 2, Informative) by Anonymous Coward on Saturday April 18 2015, @12:50PM

      by Anonymous Coward on Saturday April 18 2015, @12:50PM (#172381)

      No, it's worse. It offers no real security, but tricks people like you into thinking it offers security. A false sense of security is worse than no security. A false sense of security combined with no security is even worse than that.

      • (Score: 0) by Anonymous Coward on Saturday April 18 2015, @03:49PM

        by Anonymous Coward on Saturday April 18 2015, @03:49PM (#172451)

        It absolutely offers some security. The NSA and other agencies with compromised CAs are not the only threat out there. Other threats include ISPs fucking with the data stream like adding supercookies to make every request trackable [forbes.com] and injecting ads or malware [arstechnica.com] and snooping on all your browsing to build a profile they can sell to the highest bidder. [arstechnica.com]

        The perfect is the enemy of the good. Quit being an enemy of the good.

        • (Score: 1) by Fauxlosopher on Saturday April 18 2015, @06:10PM

          by Fauxlosopher (4804) on Saturday April 18 2015, @06:10PM (#172509) Journal

          The good can also be tools of evil if people are satisfied with the so-called good and forget to deal with the evil.

          Sure, use HTTPS/encryption in cases where it makes sense to do so - but do NOT forget that the evil must still be dealt with. Keep looking for an opportunity to destroy the evil at the root of the problem.

          If all encryption were 100% unbreakable by anybody, you'd still be exposed to powerful metadata analysis by the criminals in the NSA, et al.: "We kill people based on metadata [rt.com]." -Michael Hayden, former CIA and NSA director

          • (Score: 0) by Anonymous Coward on Sunday April 19 2015, @02:16AM

            by Anonymous Coward on Sunday April 19 2015, @02:16AM (#172681)

            > The good can also be tools of evil if people are satisfied with the so-called good and forget to deal with the evil.

            Yeah, yeah, yeah. We've already been down that path in this same thread. Thanks for regurgitating:

            >> The NSA and other agencies with compromised CAs are not the only threat out there.
            > If all encryption were 100% unbreakable by anybody, you'd still be exposed to powerful metadata analysis by the criminals in the NSA, et al.:

            • (Score: 0) by Anonymous Coward on Sunday April 19 2015, @08:17AM

              by Anonymous Coward on Sunday April 19 2015, @08:17AM (#172767)

              > The good can also be tools of evil if people are satisfied with the so-called good and forget to deal with the evil.

              Yeah, yeah, yeah. We've already been down that path in this same thread. Thanks for regurgitating:

              I'll consider it just as soon as people stop implying that the use of known-broken cryptosystems is some sort of panacea, then getting indignant when the brokenness is brought up by others.