[Wikimedia-l] PRISM

Tobias church.of.emacs.ml at googlemail.com
Mon Jun 10 14:12:00 UTC 2013

On 06/10/2013 03:30 PM, Fred Bauder wrote:
>> Encrypted, if you're using https everywhere (and Wikipedia hasn't
> intentionally or unintentionally compromised their certificate).
> But simple encryption that NSA can break at will.

No one will bother trying to break SSL/TLS. The NSA certainly doesn't
need to. They can just sign their own certificates and perform
man-in-the-middle attacks. Browsers will in most cases accept those
forged certificates, since the NSA can make sure that they are signed by
a CA trusted by many browsers.

A bit off-topic, but this talk explains everything wrong with the
certificate system: https://www.youtube.com/watch?v=Z7Wl2FW2TcA

-- Tobias

More information about the Wikimedia-l mailing list