- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
cross-posted from: https://programming.dev/post/28204065
You must log in or # to comment.
As far as Let’s Encrypt goes, the easy way to solve that is self-signed SSL certificates and Tofu. Just make it stupid obvious if an SSL certificate changes on a site that you go to. Like, turn your browser into a giant red screen that says that the security of the website has changed and may be broken obvious. Maybe you could have search engines also index SSL certificates so you could see if Google and Bing and DuckDuckGo and whoever else all say that this website has the same SSL certificate that it has had for X amount of time and if the search engines start showing different results you get suspicious.
Edit: Using self-signed certificates and tofu fits better with the decentralized ethos of the original web anyway since you’re not relying on some third-party authority to tell you what’s safe and what’s not.
the enemy is both weak and strong
Elections have consequences. I am no longer on speaking terms w/ trump voters.
I’m no longer on speaking terms with any voters
I’m no longer on speaking terms
Hey! I’m speaking!
No.
The Free Software projects in question: Tor, Let’s Encrypt, and F-Droid
Let’s Encrypt
God damn they literally just want to watch everything burn.
Cut off .gov domains
.gov is using let’s encrypt? That’s pathetic.
I did not knew that Tor was getting funded by the american state. Thats giving me some spooky vibes.
It was invented by the US Navy.
Well color me stupid color me gone.
… Except not using it would be less secure, so I’m not sure I’m following…
F me
Well, at least the one he used for thruth is safe (mastodon IIRC?)
Delta Chat was one of the FOSS projects affected: https://chaos.social/@delta/114211300446944585
Well it looks lime most of us are going to have to step up our donations foe the next few years
You will never approach the amount they receive from government funding. That is the point.
We’re going to have to try or potentially lose the project
Let me spell it out for you. Trump has removed our cyber defenses and now he’s defunding FOSS projects like Tor and Let’s Encrypt!…
Now Trump wouldn’t know a FOSS project from a hole in the ground but do you know who does? What world leader who has an entire cyber attack force on his payroll and wants to remove any barriers in finding dissidents who are probably using Tor to coordinate and hide from them?
Do the math. If the government funding of these projects is allowed to be removed it’s gonna be a whole new ballgame on the internet and the only ones to reap the benefits are the dictators.
This is terrible news, anyone know of alternatives to let’s encrypt?
they have more sponsors and won’t go broke because of this
HTTP works pretty well, if you don’t mind various governments spying on the traffic.
The solution to this is simple. A change to the MIT license to bar .gov projects to use the open source projects.
Why would making government more proprietary help?
These are FOSS projects, not open source. They’d no longer be FOSS and that would be bad. Freedom 0 is important.
Its possible to add free for all except US govt and that does not stop it from being free for the rest of the world.
