[cryptography] SSL is not "broken by design"

James A. Donald jamesd at echeque.com
Tue Sep 20 16:02:20 EDT 2011

On 2011-09-21 3:32 AM, Jeffrey Walton wrote:
> It seems to me that both the network and the endpoints are at risk. By
> what degree the endpoint exceeds the network is an open question for
> me since (in my observations) most folks and organizations don't boast
> like ComodoHacker. Sadly, I suspect its 'epidemic vs pandemic' and not
> 'rare/isolated vs occasional'.

It has been a very long time since I had virus or trojan on my home 
computers.  The only time my website was hacked, someone had socially 
engineered my email password out of microsoft.

So it is not apparent to me that the node is the problem.  My wife knows 
nothing about computers.  I taught her not to click on anything that 
comes in email, that email is untrustworthy, that you should trust your 
own bookmarks rather than other people's links, and just don't download 
stuff unless you are sure where it comes from.  She stopped getting 
viruses.   Every so often she gets one of those scams "It is an 
emergency, click here", and she panics thinking it really is an 
emergency, but she does not click there.

More information about the cryptography mailing list