

China Is Said to Use Powerful New Weapon to Censor Internet - coldcode
http://www.nytimes.com/2015/04/11/technology/china-is-said-to-use-powerful-new-weapon-to-censor-internet.html

======
sctb
Comments moved to
[https://news.ycombinator.com/item?id=9353785](https://news.ycombinator.com/item?id=9353785).

------
jonawesomegreen
Like I said in the other [1] thread on this topic, I hope that this drives
home the need to be using HTTPS _everywhere_ we can be. It would make this
kind of wide scale man-in-the-middle attack much harder to pull off and easier
for users to detect. If only getting a certificate was an easier (less costly)
process.

[1] -
[https://news.ycombinator.com/item?id=9353785](https://news.ycombinator.com/item?id=9353785)

~~~
forgottenpass
I hope this drives home the need to stop including 3rd party javascript on
websites. It makes visitors' browsers load and run code of variable
trustworthiness. The browser sandbox is entirely ill-equipped to keep users
safe and secure online or prevent their computers from being leveraged for
malicious ends. The sandbox allows everything but the most indefensible
exploitative actions.

HTTPS is great and all, and does change the threat model but the Chinese
government controls root certificates your browser trusts. And they weren't
worried about getting detected funneling traffic to github.

------
hacktavist
Crazy my friend Bill worked on this, he's the one pictured in the article

