Re: Impacts of Encryption Everywhere (any solution?)

[Rubens Kuhl <rubensk () gmail com>]

On Mon, May 28, 2018 at 1:55 PM, Keith Medcalf <kmedcalf () dessus com> wrote:

> > I'm also not foolish enough to think this thread will affect the
> > encrypt-everything crowd as it is more of a religion\ideology than a
> > practical matter. However, maybe it'll shed some light on technical
> > ways of dealing with this at the service-provider level or plant some
> > doubt in someone's mind the next time they think they need to encrypt
> > non-sensitive information.
>
> Good Luck, especially in light of the poo-for-brains at Google responsible
> for the Chrome browser who (wrongly) equate "secure" with Transport
> Encryption and "unsecure" with not having Transport Encryption; when all
> that Transport Encryption really implies is Transport Encryption and not
> much else.  It has little to do with whether or not a site is "secure".
> Generally speaking, I have found that sites engaging Transport Security are
> much more "unsecure" (as in subject to security breaches and flaws) than
> those that do not engage Transport Security for no reason.
>
> However, the poo-for-brains crowd will get everyone to engage Transport
> Security so the will be called "Secure", whether trustworthy or not.
Actually, starting July Chrome will no longer say "secure" for sites with
Transport Security. It will only say "not secure" for sites without, so it
will no longer provide the false impression of equating Transport Security
with Application/Operational Security.


Rubens