European Union wants to ban HTTPS now
>Article 45 forbids browsers from enforcing modern security requirements on certain CAs without the approval of an EU member government.
>Browser makers have not announced their plans yet, but it seems inevitable that they will have to create two versions of their software: one for the EU, with security checks removed, and another for the rest of the world, with security checks intact.
https://www.eff.org/deeplinks/2023/11/article-45-will-roll-back-web-security-12-years
It it saves just one life from a terror attack, it's a good thing. I fully support giving the government enhanced tools to keep us all safe. After all, if you have nothing to hide, you have nothing to worry about.
>Trump/AfD/Whatever gets voted into power
>mfw
> It it saves just one life from a terror attack, it's a good thing
No, life isn't worth shit.
>if you have nothing to hide, you have nothing to worry about.
>gets cancelled after a tweet you made 10 years ago
>t. hamas relativist
Terrorists and pedos will just adapt, the governments know this. This is about spying on the general populace.
The purpose of these online safety bills is not (You)r safety. It's for the government's safety from (You). They'll let you die in a terror attack they've known would happen for months if that means it makes people feel less safe so they can push more bills like this.
Unfortunately for you, EU support terrorists. Recently a group of terrorists has been attacking non-stop to hospitals and civilians, and what EU did is praised them.
Because those aren't terrorists. Those are freedom fighters.
fuck this gay ass organization
https://www.eff.org/deeplinks/2023/10/social-media-platforms-must-do-better-when-handling-misinformation-especially
I used to give them money but they are not getting one more dime from me.
their other efforts are still necessary to combat all the fucking censorship and power grabbing the EU/US/WEF try to do every fucking day.
didn't they backtrack on hurricane electric?
They had to make a PR statement that "but we're cool with trannies though"
They never said "and therefore KF should go down," they still stuck with their original intent of "no one should be allowed to do this"
I hate the PR for fags as much as anyone, but I do see the utility of convincing the retards who are gay that they should keep donating money
EFF promotes censorship of internet
They need to be killed off.
It's so fucked how former civil rights orgs were coopted into this shit.
It was always the plan
Civil rights groups only form because they want power they don't have.
No one who works at an ISP is in their ideological circle, so ISP censorship power is bad
Damn near everyone in a position of power at social media companies are of the same ideological circle, so social media censorship becomes good.
You could claim that was Kapor's "plan" based on his later activism, but the other founders have been consistent with their stances. You just claiming that that position doesn't exist is suspect in itself.
Why can't rightists make their own internet, infrastructure, social media, art etc?
The entire tech industry was built by libertarians, go read them. What is this redditarian "I made this" nonsense communists always pull. Dear leader AoC is responsible the heavens and the earth, be thankful to she
Professor, Why not ask Elon Musk to give you a few billion dollars for research and a brand new Lamborghini?
mother of based, CAs are gay. i want my unregistered ip address (no, i will NOT buy a domain. sorry, not sorry) to have https
Did you even read the article? This will not remove HTTPS, it will just let the EU member ststes approve or disapprove certain CAs (most likely only used for government-owned CAs), this will let governments read incoming and outgoing traffic of any user, even for non-EU citizens who uses a browser with these checks in place.
I use HTTPS-only on websites I manage because I don't want my customers to fall victim of mitm attacks, which HTTP is vulnerable to.
Even for simple frontends, it is crucial that no one will edit the web page that my clients' customers receive. A bad actor might edit the web page to add scripts, links to malicious or phishing sites or even just troll and adding a dick pic in the homepage.
Let's Encrypt is free and so are other CAs.
>mitm
uh oh, bigot-kun, you're supposed to be using more inclusive language? remember? It's PERSON-in-the middle, sweaty
Uhhh i think you mean On-The-Path-Attack
>when does it end?
KEK
tech trannies have unironically debated using that term
> Did you even read the article? This will not remove HTTPS, it will just let the EU member ststes approve or disapprove certain CAs (most likely only used for government-owned CAs), this will let governments read incoming and outgoing traffic of any user, even for non-EU citizens who uses a browser with these checks in place.
Niger stop talking out of your ass. CA can only sign identity, they can't do shit for actual connections.
Fucking hell what the fuck is wrong with retards today.
Well yes, big government needs to also sniff out your packets to actually read your communications.
Just like in HTTP.
Having a untampered connection while the government reads your inbound and outbound traffic is the point of my previous post.
I still disagree with the regulation because fuck the feds and their spyware CAs but at the same time, the most they could do is phising website style "sign their own domain" bullshit
Based, maybe browsers will stop treating http-only websites like they're Hitler's personal propaganda camps that nobody should be allowed to touch.
As asinine as the European proposal is, I really don't understand why all pages moved to https. It's completely unnecessary 90% of the time. The only real effect is that boomers are more easily tricked because when they click on a phishing email and they open totallylegitreallyyourbankfrfr.com they see a green padlock that makes they think the website is real.
Well, that, and that old devices that only supported TLS 1.1 no longer can open any webpage because servers don't allow you to use plain http anymore even if you only wanted to check the weather.
>servers don't allow you to use plain http anymore even if you only wanted to check the weather.
https://www.bom.gov.au/
Besides, I don't understand how this is supposed to be a threat when this MiM shit is literally exactly what cloudflare has been doing since forever and we all were supposed to be completely okay with it.
Holy based.
Well I rather it be a private company than my government personally
I would bet money that CloudFlare is a NSA front.
no shit sherlok
a company that decrypt and reencrypt the trafic can't be a letter honeypot.
also, they can do a passtrough if you give them big money but it's expensive
You're site becomes delisted if it doesn't have https
Many JS APIs are only available in secure contexts.
>I really don't understand why all pages moved to https
I don't, either. Granted, it's a trivial overhead at runtime, and a slightly less trivial hassle on set up. Setting up your own clear text webpage is actually a handicap now, because every browser freaks out when trying to access stuff on 80, so you'll lose all the olds and CVEfags.
By the way, this is YET ANOTHER CONSPIRACY THEORY come true. People have been saying CA's would be leveraged since their inception, and for now you can still write your own for any website that isn't tied to a business, but that's a lot more restrictive than just wide-open HTTP with custom back-end security solutions. But even that small ability is going away. Soon, you'll need a full-on license to send data to "approved" browsers, and after that sending anything as clear text will get flagged. All of this obsession with "security" is completely incongruous with HTML5 local storage and any number of other "features" that no one really asked for and fix no problem but are nevertheless included in all network software anyway.
>sending anything as clear text will get flagged
you think it's easier for the government to read ciphertext than plaintext? if governments want to spy on websites, they can just make everyone register their IP address. that works with or without HTTPS.
Dumbass, without HTTPS, all texts submitted over the net are plaintext. Anyone listening in on a proxy server or VPN could simply read all the plain texts submitted infos.
>Someone will read my shitposts
Finally!
Your bank user name, passwords, emails, etc.
Could it be that some applications benefit from SSL, and others do not? That some website *should* use HTTPS and other website *could* use it, and even some small number of websites *should not* use it??
It'd be neat if to use online banking you needed to set up a private and public key pair, otherwise do it in person only
i was actually pretty annoyed by it, because it effectively killed my home caching proxy, which reduced traffic a reasonable amount with multiple people living in the same house
can't really do it with https, since doing so would require adding a custom cert to each device, which is just impractical
thankfully my connection is much faster than it was back then, so it's not as big of a deal, but still, there's plenty of traffic which doesn't need to be encrypted
Can't ISP inject stuff into non https websites? Can't they see what exactly you are browsing? It would also make it easier for hackers.
There are no real disadvantages to using https.
every time the EU is going to ban encryption or whatever it ends up being a nothing burger.
Sure, but it shows you where their intentions are. Also shows you how retarded they really are when they say they want to ban cryptography altogether.
It's a nothingburger to you because you see it talked about then never hear about it again you're not on the ground level fighting this shit in the courtrooms and meeting with people and whatnot
Always remember, the EU is a democratic organisation. It can, however, impose its will upon the democratic states of the EU. Only MEP's are directly elected by the people of those states and MEP's have very few rights or responsibilities. The upper tiers of the EU are elected in a very undemocratic way
>Always remember, the EU is a democratic organisation
meant to say
Always remember, the EU is NOT a democratic organisation
No, you were right the first time. If you care about democracy, you should be condemning America's gerrymandering, electoral college, campaign finance laws, and non-proportional voting system.
right, but EU isn't a good example of that
everything but direct democracy is a scam
like what? everything since single market (arguable) and schengen has been a more or less disaster
all the privacy and free speech violations you see are all a product of EU's supranational nature
>the EU is NOT a democratic organisation
That's the only reason EU sometimes does good things. If it was a democratic organization I don't even want to imagine the kind of brutal oppression we'd have since representative democracy removes the last vestiges of guilt from the sociopathic leaders by giving them the mandate of the people.
really? so what system do you think makes tyrants grow a guilty conscience and not commit atrocities?
None. There is no system that does that. The closest you can get is monarchy since at least the tyrant has a selfish motivation to pass along his fief to his children.
EU has a lot of consumer protection laws which as far as tyranny goes are somewhat beneficial. EU actually also has decent privacy laws. I have to deal with some of them regarding data retention, very annoying. I get the impression you're divining that I like the EU. I never said that. I only said that the lack of democracy is the only reason EU on occasion does things that aren't bad. I also didn't imply it did a lot of good things or that these things wouldn't happen in the absence of EU.
Oh yea they dicked Microsoft a whole bunch of times, that's good in my book.
>fruitpilled peachcel
Retardation is funny sometimes.
gay ass organizations like these make me think of greenpeace or the world wildlife fund as to whether they're independent or not - they're not
https://www.eff.org/deeplinks/2023/06/around-world-threats-lgbtq-speech-deepen
>just buy our certificates to be safe
https was a mistake
Buy?
Unfortunately yes. Both chromium and Firefox browsers hit you with a WARNING YOU'RE GOING TO GET FUCKED IN THE ASS page if you use a self encrypted cert. While you and I don't care and know it's safe, that screen is enough to make the majority of people back off.
so you missed lets encrypt five years ago?
TNSTAAFL
>self encrypted cert. While you and I don't care and know it's safe
*mitms your connection to add cryptomining javascript*
nothing personnel kid
the coverage they do provide on some topics is significant, however gay and compromised their buttholes might be
https://www.eff.org/deeplinks/2023/08/un-cybercrime-convention-negotiations-enter-final-phase-troubling-surveillance
when it's not mutts it's europoors...
we can't have nice things in this fucking world, holy fucking shit...
there will always be some morons to declare war on math for no fucking reason, we deserve the great reset, it can't come soon enough
obviously this shit is unenforcable so why are they even wasting time on this shit?
how much more clueless can these retards be...
They are doing this precisely so that you have this reaction and mindset. They are winning, you are losing.
This is a good thing, there's been so much misinformation put out by hamas that we have to get the left back on our side.
> modern security requirements
You mean shit like Firefox that forces me to run some retarded shit every couple days or it stops recognizing my glued together certs?
Or when it bitches about self-signed certs?
Fuck CAs.
We need to remove the security checks from your browser goy!
rent free
Free? oy vey
Oy givalt!
finally my powermac 7300 will be able to access the modern internet again
death to tls
It will be killed by the European Parliament, like every other retarded idea the Council has
>be eff
>end https everywhere
le everywhere, browsers have implemented the functionality
>EU makes browsers backdoor their https enforcement
It's not like I told you homosexuals
TBQH HTTPS isnt that worth and most of times is unnecessary, creating the feeling of false security
Ay this point we are gonna normalize TOR and web2.0 before 2030
>Ay this point we are gonna normalize TOR and web2.0 before 2030
do you mean web3? i think that still relies on HTTPS, unless you want to pay 50 cents and wait 10 minutes to get your data from a blockchain.
anyway, TOR won't be normalized by 2030, it will be banned. how well do you think TOR can make its traffic look indistinguishable from non-TOR traffic? are you willing to risk prison time to test that?
The Norks (still best Korea) have the same thing for their internet. Only they do it to protect the minjok while the EU will use it to enforce gay pride and mass migration on the European peoples for our zog yankee masters.
I welcome assfuck that comes. We will have two internets now.
One for normalfags, with all security, mobile-first, business-first shit. Let them have it, once they dig themselves a cozy hole they'll sleep there forever.
Other for everyone else, who'll go to "insecure" zone and do whatever the fuck they want once again.
And what stops someone from just downloading the one with the checks?
Implying that actually happens, what would be stopping me, an european, from downloading the US version of browsers without the EU CAs and using that?
t. Retard
User agent checks server side
What if I use a VPN and subscribe to starlink...
Uh, none of those change your user agent. They hide your IP address from your ISP and give it to your government. Where are you even going with this?
>implying dark web websites use https
What about using i2p
the main argument of the open letter the article is based on is that "Under
Article 45 clause 2a, only conditions listed in these specifications can be required." but it seems like there is no such clause in the final draft so i guess their concern was heard
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:52021PC0281
https://invidious.flokinet.to/watch?v=37irG5pKur8
It was over before it even began
Europe needs to be nuked
simply use your router find a a secure dns server. Bypass the isp's dns and any dns within the EU. problem solved - Easy to do
Maybe they can finally stop being total pussys and implement DANE like they should have a decade ago.
As a hacker I only see this as a positive, don't see the problem
The EFF is just a lobby group on behalf of literal cyber criminals. Zero respect for them
antisemitic remarks have no place on the internet
>compiles non gimped version
checkmate eu
The average person won't know or even consider that they need to download an alternative browser, and pre https people got "visits" all the time for false flags. There's an old story that I always think of where some mom got a visit by police for researching pressure cookers not long after the boston bombing.
I swear if the governments start passing more dumbass laws like this I would actually drop out of cybersecurity. Imagine being questioned by gov't authorities 24/7 that you're harboring child pron. They can fuck off.