Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Secret service agencies have the ability to pose as whatever they want, even using "legit" certificates.

That's why I greatly prefer the WoT model to the CA model and refuse to use S/MIME in favor of OpenPGP.

That said, you could write down the checksums of the certificates you trust. Effectively you do trust checking by hand then.



How would you ever prevent whoever gets the information to pass it to secret services agency?

That is why as European I find the whole PRISM discussion overblown as if people weren't aware secret service agencies have been doing this for years all over the world.


> How would you ever prevent whoever gets the information to pass it to secret services agency?

I think it is about third parties. If I can't trust the person I am communicating to, why would I want to tell this person any secrets?

> That is why as European I find the whole PRISM discussion overblown as if people weren't aware secret service agencies have been doing this for years all over the world.

I agree completely.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: