Follow

Internet insecurity is a good thing

If the Internet would have been started with a security and encryption built-in, we would have never got so far.

Spent some part of Sunday trying to configure three devices to talk to each other using with encryption and failed badly. (Using and ).

@saper Encryption built in is much easier than encryption added on later.

@forthy That is exactly the premise I started to question in my mind.

OMEMO is probably a good example for the encryption added later that does not work very well.

But I am afraid we were here stuck today with 56-bit symmetric DES everywhere if we have started doing that in the beginning.

@saper Replacing algorithms was very common back then. Actually, too common, they added too many options.

@forthy I think that adding a new block mode or key exchange is not that trivial

@saper SSL, now TLS, did that in every single new release. Even with new ways of key exchanges nobody thought about 25 years ago.

@forthy Yes. Resulting in a loss of interoperability between machines with software generations few years apart.

My unfounded theory is that Internet would have never taken off with similar interoperability problems.

Current world has no please for "be conservative in what you send, be liberal in what you receive".

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!