Microsoft supporting tyrants?
Thomas Jost
schnouki at fsfe.org
Tue Mar 22 20:08:31 UTC 2011
On Tue, 22 Mar 2011 19:05:00 +0100, Nicolas JEAN <nicoulas at fsfe.org> wrote:
> Hi all,
>
> A friend of mine sent me a link to this article (in French):
>
> http://www.rue89.com/2011/03/18/tunisie-microsoft-complice-de-la-censure-numerique-par-ben-ali-195693
> which accuses Microsoft of helping dictatorships to spy on their people
> (too generous state SSL root kits in Internet Explorer).
About a year ago there were discussions on a similar topic after Mozilla
accepted the China Internet Network Information Center (CNNIC) as a root
CA in Firefox and its other products: see
http://lwn.net/Articles/372264/ or
https://www.eff.org/deeplinks/2010/03/researchers-reveal-likelihood-governments-fake-ssl
for details.
So this is really nothing new. And the issue is certainly not specific
to Microsoft, it's really about trust in the CAs whose certificates are
bundled with every browser (hey, I just checked on my laptop: Google has
its own root CA, as well as Japan, as well as AOL, as well as VeriSign,
as well as the Brazilian government, as well as VISA... and they are all
in the ca-certificates package).
And this is why many people are now seeking alternatives to CAs
altogether (for example by storing SSL certificates in DNS records), or
just not using them anymore
(https://blog.torproject.org/blog/life-without-ca).
Which, in my opinion, is much more relevant than just blaming Microsoft
for doing the same thing as everyong else.
--
Regards,
Thomas/Schnouki
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <http://lists.fsfe.org/pipermail/discussion/attachments/20110322/5d20b756/attachment.sig>
More information about the Discussion
mailing list