If I use #httpseverywhere, is there any reason to use a #VPN? #privacy #infosec
Pretty proud of my second patch sent to the #ClawsMail team.

Hopefully, the next version of this MUA will have a largely improved #E2EE #UX:

  • a new config option in the #PGP plugins enable automatic online discovery of PGP keys (according to your existing gpg.conf auto-key-locate
  • whenever you recieve a mail signed by a public key missing (or expired) in your #GPG keyring, you'll have a button to trigger an online search for the key (either through #WKD or the older #keyserver based approach).
In the age of #ChatControl, I think it's time for PGP based end-to-end #encryption to be enabled by default in #email clients.

Most arguments against the complexity of the #WebOfTrust are moot, when applied to mail comunications. And given how easy is to deploy WKD protocolΒΉ, key autodiscovery could seriously increase the amount of encrypted mails over the network, increasing people #privacy and heavily reducing the power of passive #surveillance.

#HTTPSEverywhere did not reduced global surveillance, but #PGP could!

___

¹ an Italian tutorial about wkd is in the making, but... #programming was more funny. 😝

HTTP or HTTPS?

I'm building a new static website, minimalist design etc, mostly about my hobbies and interests. Although, who knows, maybe in the future I will cover more controversial topics ...

Is there any good reason *not* to use HTTPS?

#http #https #httpseverywhere

Maybe noteworthy to some:

If you see "https-rulesets​.org" in your #DNS logs going forward, there's a #browser somewhere on your network that needs attention.

The #HTTPSEverywhere browser extension, which was retired a couple years ago by EFF, periodically checked "https-rulesets​.org" for updates. That domain expired this week and got snatched up by a squatter. I don't think it resolved at all for most of 2024 and nothing should be querying it now.

Fuck it, if we're going to break #HTTPS this much already by using MitMs like #Cloudflare then let power users like us choose how to break it! 

https://forum.palemoon.org/viewtopic.php?f=5&t=31631

#proxy #Squid #SquidProxy #Polipo #TLS #web #webdev #openweb #browser #browsers #HTTP #HTTPSEverywhere #PaleMoon
Feature request: Allow disabling certificate validation on the sites you visit when an HTTP(S) proxy is set - Pale Moon forum

This push for #HTTPSEverywhere would've been perfectly fine if it just focused on #HTTPS / #TLS / #SSL as an option always available. But no, it also pushed for it to be mandatory (even if it doesn't make sense if you look at the #threatmodel), and as a result pretty much everything in the #web cannot be accessed with a #browser that doesn't have an up-to-date enough TLS support. Which is fine I guess if you're on a modern computer anyway, but a pain if you're on #retrocomputing. ​:seija_coffee:​

The
#LetsEncrypt #centralization is also a serious concern, which is why I avoided using it for my #VPS.

RE:
https://hamishcampbell.com/a-balanced-and-pragmatic-approach-to-native-openweb-security/
A balanced and pragmatic approach to native #openweb security – Hamish Campbell

@workingclassgames or even better: Use @torproject #TorBorwser so #Tracking and #Ads are pointless!

Because it is @mozilla #Firefox but with #uBlockOrigin, #HTTPSeverywhere and #NoScript already integrated and working fine...

I wonder how many companies have gone out of business simply because they didn't use https for their websites.

#httpseverywhere

DYN that by default #Azure #functions do not enforce #HTTPS only? Rather you must configure HTTP to redirect to HTTPS.

Also, interestingly enough I found this factoid in an Azure Docs section on VNet integration.

#httpseverywhere #appsec #security #cybersecurity #cloudsecurity