
Should the Web be Encrypted? - DanielRibeiro
http://www.infoq.com/news/2011/08/https
======
CoffeeDregs
TL;DR: don't click the link! Your eyes will bleed!

This article is _not at all_ about whether the web should be encrypted. It's
barely even about EFF's "HTTPS Everywhere". It's essentially a provocative
title slapped onto re-postings of quotes from other people.

>HTTPS is the keystone of Internet security and privacy. >In particular it
protects against "search hijacking".

Oh, phew! I can go back to submitting passwords over HTTP again.

>The Web, having just turned 20, shows signs of fatigue and >its core
technologies seem to be increasingly unable to >cope with sophisticated
attacks.

If "The Web" is having a problem, it's that new-style web apps usually have
the security mindset of page-by-page websites while having the functionality
of full-on client apps.

>the out-of-control proliferation of pseudo-standard >ways to secure Web
protocols

Holy shit! They're using pseudo-standards! Set phasers to "kill"! Oh, wait,
most sites are using fairly standard methods of securing data? (e.g. HMAC,
OAuth, etc) Hmm... My eyes!!! They burn!!!

EDIT: in case my flippancy was confusing, web standards and a secure web are
very important. If I just consider the question posed by the title of TFA, I'd
have to say "Hell yes, the web should be encrypted!" Most of everything ever
written was obscured, so why the hell wouldn't be do the same with the web?
Anyone remember security envelopes for mail? Using code words when talking
about drugs on the phone? The web's no different from mail or phone except
that it's massively more complex than a phone line and no one in this damned
country [US] can understand anything more than a 9 second* soundbite.

* See: [http://www.npr.org/2011/01/05/132671410/Congressional-Sound-...](http://www.npr.org/2011/01/05/132671410/Congressional-Sound-Bites)

------
mtogo
> The Web, having just turned 20, shows signs of fatigue and its core
> technologies seem to be increasingly unable to cope with sophisticated
> attacks.

Okay, wait, _what_?

~~~
Cushman
Come on, you know it's true. Ever since 4chan invented the DDoS in 2007, the
Web has been struggling just to survive.

~~~
drivebyacct2
I'm very sorry, but I can't tell if this is sarcasm or not.

(edit for reply) I'm asking if you're serious that the Web is struggling to
survive? And I guess if you are, can you elaborate in any way?

~~~
Cushman
Is that not right? Was it 2006?

Edit: ;) added to comply with Poe's Law.

[1] <http://en.wikipedia.org/wiki/Poes_law>

