Stuff like this is why all sw/browsers MUST REMOVE SUPPORT for adding custom root CAs.https://twitter.com/konklone/status/672127239987798017 …
@tehile Getting ppl to install a modified browser with official branding removed is a lot harder, won't work on iOS, etc.
-
-
@RichFelker Right, OS distibutors should fully lock their OS so that rogue states could not force users to install rogue browsers. -
@ch3root Proprietary OS's/ecosystems should keep 3rd-party malware out of the core system. Of course they should be replaced by FOSS ones. -
@RichFelker What you are proposing -- app protection from a user with full hw access -- is a move in the opposite direction: DRM, locked OSs -
@ch3root You're misinterpreting what I'm proposing, but Twitter and 140 characters... not a good medium for this. -
@RichFelker Ok. Should I as a user be able to inspect what Chrome sends to Google? If not via mitm, how? -
@ch3root Via the js console or editing the source. Or manually allowing individual invalid certs. But not a root CA. -
@RichFelker Can you do it for service requests (updates, safe browsing etc.)?
End of conversation
New conversation -
-
-
@RichFelker maintaining a browser with patched CA list is much easier that the Great Firewall. Why won't patched browser would work on iOS. -
@tehile Because only things in the App Store work on non-jailbroken iOS.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.