Over at Wired they’re blistering their lips again:
The Heartbleed bug crushed our faith in the secure web, but a world without the encryption software that Heartbleed exploited would be even worse. In fact, it’s time for the web to take a good hard look at a new idea: encryption everywhere.
Followed by an article (i’m almost reluctant to link to it…) that goes on:
Most major websites use either the SSL or TLS protocol to protect your password or credit card information as it travels between your browser and their servers. Whenever you see that a site is using HTTPS, as opposed to HTTP, you know that SSL/TLS is being used. But only a few sites — like Facebook and Gmail — actually use HTTPS to protect all of their traffic as opposed to just passwords and payment details.
Which is such unmitigated bollocks that it’s hard to know where to start. Do they really not understand this? The likes of Facebook and Google make their money from flogging the relationships between the personal data that they collect on their cannon fodder. For Google this business amount to something like 97% of revenue, all the fluff about making knowledge available to humanity is just that: fluff. The real goal is monetising mass data collection by selling it to advertisers. Consumer cannon fodder, pure and simple. Facebook? Don’t know the numbers, but presumably equivalent or worse. The silicon valley business model is pure poison for privacy.
If they were interested in privacy they’d be serious about encryption of data at rest, they’d set themselves up to be cryptographically unable to access your data. Until they do that they are willing victims to any government that orders them to “bend and brace”. That they are not even making an effort to fight for this level of protection for their “product” tells you everything that you need to know.
This post was bought to you by The Swans track Raping a Slave (irony overdose as i link to a google property that you probably don’t even ad block…)