OMG!!
First of all, you'd be mis-educating them if telling them that
certificate "validity" has any real meaning. (But now you're talking
about http.)
Second, why do you think you have any right to put speed bumps in the
way of people who are doing nothing to you?
Third, if your grandmother needs internet "safety" education, just
educate her, or refuse to keep fixing the problems she encounters in her
ignorance - if she really is all that ignorant. I hope you wouldn't
install a browser re-direct without her consent, because then you'd be
just any other malware propagator with just any other self-righteous
rationalization.
Fourth, if /you /need educational "speed bumps" on /your /router, /you
/are free to have them. One of the great things about freedom - from
government or from meddling busybodies - is that /you /get to be free too.
For years my Firefox has had an option to "always use HTTPS", and I'm
sure all other modern browsers do as well. Plus, Mozilla.org has a free
plugin - I think it's from EFF.org - called "HTTPS Everywhere". It's all
very easy to use, and will be almost entirely transparent to Grandma.
On 3/20/2017 3:14 PM, Brien Dieterle wrote:
> A system like I described would just be an "educational tool" to
> encourage people to use HTTPS (properly). It wouldn't stop you from
> accepting bogus certificates-- just a speed bump. Now that I've
> thought about it I'd really like to install something like this on my
> grandparent's router. . . heck, my own router. . .
>
> On Mon, Mar 20, 2017 at 2:50 PM, Vara La Fey <varalafey@gmail.com
> <mailto:varalafey@gmail.com>> wrote:
>
> Oh HELL no!! What kind of hall-monitor nanny mentality do you want
> people to adopt??
>
> I accept "bogus" certificates all the time because the whole idea
> of certificates is crap in the first place - they are NOT
> maintained - and years ago I got tired of that procedure warning
> me about "invalid" certificates for sites that were perfectly valid.
>
> I've never had a problem. Of course I'm also careful where I go,
> certificate or not.
>
> - Vara
>
>
> On 3/20/2017 2:12 PM, Brien Dieterle wrote:
>> Maybe every commercial router should do SSL interception by
>> default. If a user accepts a bogus certificate they are taken to
>> a page that thoroughly scolds them and informs them about the
>> huge mistake they made, forces them to read a few slides and take
>> a quiz on network safety before allowing them on the Internet.
>> Maybe do the same for non-ssl HTTP traffic, etc.. .
>>
>> On Mon, Mar 20, 2017 at 1:55 PM, Matt Graham
>> <mhgraham@crow202.org <mailto:mhgraham@crow202.org>> wrote:
>>
>> On Mon, Mar 20, 2017 at 12:29 PM, Victor Odhner
>> <vodhner@cox.net <mailto:vodhner@cox.net>> wrote:
>>
>> I’m really annoyed that so many companies offer open
>> WIFI when it would be
>> so easy to secure those hot spots. Restaurants,
>> hotels, and the waiting
>> rooms of auto dealerships are almost 100% open.
>>
>> [snip]
>> On 2017-03-20 13:20, Stephen Partington wrote:
>>
>> This is usually done as a means to be easy for their
>> customers.
>>
>>
>> Pretty much this. Convenience is more valuable than security
>> in most people's minds.
>>
>> they’d be happy to do the right thing if we could
>> explain it to the right people.
>>
>>
>> I'm not sure this would happen. Setting up passwords and then
>> distributing those passwords has a non-zero cost and offers
>> zero visible benefits for most of the people who are using
>> the wireless networks.[0] And as another poster said, what
>> about football/baseball stadiums? Distributing passwords to
>> tens of thousands of people is sort of difficult. "Just
>> watching the game" is not an option; people want to FaceTweet
>> pictures of themselves at the game.
>>
>> OTOH, the last time I looked at the access points visible
>> from my living room, almost all of them had some sort of
>> access control enabled. Maybe there's a social convention
>> forming that "my access point" ~= "my back yard" and "open
>> access point" ~= "a public park"?
>>
>> [0] Having a more educated user population would make the
>> benefits more visible, but it's very difficult to make people
>> care about these things.
>>
>> --
>> Crow202 Blog: http://crow202.org/wordpress
>> There is no Darkness in Eternity
>> But only Light too dim for us to see.
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>> <mailto:PLUG-discuss@lists.phxlinux.org>
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>> <http://lists.phxlinux.org/mailman/listinfo/plug-discuss>
>>
>>
>>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list -PLUG-discuss@lists.phxlinux.org
>> <mailto:PLUG-discuss@lists.phxlinux.org>
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>> <http://lists.phxlinux.org/mailman/listinfo/plug-discuss>
> --------------------------------------------------- PLUG-discuss
> mailing list - PLUG-discuss@lists.phxlinux.org
> <mailto:PLUG-discuss@lists.phxlinux.org> To subscribe,
> unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
> <http://lists.phxlinux.org/mailman/listinfo/plug-discuss>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
(text/plain)