Stuff like this is why all sw/browsers MUST REMOVE SUPPORT for adding custom root CAs.https://twitter.com/konklone/status/672127239987798017 …
@SwiftOnSecurity @konklone For "asset control" it's useless anyway; rogue employees can just use an alternate channel to move data out.
-
-
@SwiftOnSecurity@konklone For AV type use, it belongs on the endpoints, not the network.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@RichFelker@SwiftOnSecurity@konklone Technical solutions only follow requirements. We need to stop entities from requiring MitM instead. -
@Rinon@SwiftOnSecurity@konklone You can't stop rogue nations from requiring it. But you can put them in violation of IP treaties. -
@RichFelker@SwiftOnSecurity@konklone Well... theoretically nations could simply customize other open-source browsers. Or require IE ;) -
@Rinon@SwiftOnSecurity@konklone That's where you use TM law. Disallow use of the Chrome/Firefox/etc. TM's if security features are removed -
@Rinon@SwiftOnSecurity@konklone Then they can call 'em Rustium and Spyweasel.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.