View Single Post
Old 10th March 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

I'm not so sure HTTPS is the appropriate answer for keeping communications private, Danno.
  1. It is limited to use with only that subset of webservers that are configured to use it.
  2. It uses TCP, so the client (or its nearest NAT router) and the server IP addresses are sent in-the-clear, and as I mentioned previously, if anyone gains information on *which* HTTPS-enabled porn sites you spend your time on, that information is available.
  3. The URLs are sent in-the-clear, so that not only can we find out which sites are of interest .... but which particular porn is your favorite. It depends on what's in the URLs, of course.

HTTPS is fine when you don't care if someone knows *which* bank you do business with. If you care to keep that information private, then it's the wrong medium. (This also means you want to use a bank that doesn't put your account numbers in the URLs, even if they use HTTPS. Unless you don't care about that, either. )
Reply With Quote