Skip to content

The Isoblog. Posts

10 reasons not to do HTTPS interception

Marnix Dekker has an article on HTTPS interception as it is being done in some workplaces.

He lists:

  • Are you serious? We worked so hard to make the web more secure and you are fucking it up.
  • HSTS, you are breaking it.
  • Blinds the browser and the user, because you re-encrypt with wildcard certs.
  • Disrupts personal use.
  • Breaks pinning and CT.
  • Breaks with consumerization.
  • Disrupts BYOD.
  • Discourages good user practices.
  • Limited benefits.
  • and finally: Hard shell, soft inside is not going to work.

 

Malvertising – we have only seen the beginning

Netzpolitik.org has an article (in German) in which they are interviewing IT-Security Consultant Thorsten Schröder on Adblockers, wasted capped mobile bandwidth and Malvertising.

netzpolitik.org: Neben dem Schutz vor Malware, welche weiteren Gründe für die Nutzung von Adblockern findest Du wichtig?

Thorsten Schröder: Wenn wir als Malware all das klassifizieren, was Nutzer ausspioniert, täuscht, kompromittiert oder finanziell schädigt, haben wir im Grunde schon mal eine ganze Reihe an Gründen abgehakt. Nutzer müssen die Möglichkeit haben, selbstbestimmt das Schutzniveau ihres Computers bestimmen zu dürfen. Hat die Bundesregierung vielleicht mal das Bundesamt für Sicherheit in der Informationstechnik (BSI) gefragt? Es wäre eine gute Gelegenheit für das BSI, zu zeigen, was es drauf hat.

»netzpolitik.org: Besides the protection against malware, what other reasons for using Adblockers are important to you?

Thorsten Schröder: If we classify things as malware which spy on users, deceive them, compromise them or harm them financially, we have in principle covered all reasons. Users you have the right to determine the level of protection their computers need. Did our administration ask their Bundesamt für Sicherheit in der Informationstechnik (BSI)? It would be a good opportunity for the BSI to show what they can do.«

We have bread again!

Like every German living abroad, I suffer from the bread question. But things are clearing up, the most wunderful wife of all has her sourdough going again, and this is a fabulous batch of tiny sourdough Ciabatta.