topperharlie

you seem to know what you are talking about and I looked into this very long ago, maybe you can help me understand.

From what I can understand reading most of the article this forces browsers to accept the certificates, but it doesn't force the websites to use them, right?

So what is stopping Firefox from showing a warning (like the lock icon being orange, but it could also be a more intrusive message) stating that the certificate was issued by a country and/or doesn't fullfil modern security standards in case one of these CAs is used?

On top of that, the CA doesn't really encrypt the private key of the domain, it just adds a signature stating that the message with the salt and the public key are legit, right? everyone seems to think the government itself will be able to passively see the traffic, but if I remember correctly they would have to gateway the whole transaction (I'm guessing the browser will also have a cache of keys and this could become a bit tricky to do in a global way)

But of course we all know how technologically illiterate governments are (there could be one good, but there will be some "less good" for sure). So yeah, it does sound like a horrible idea to begin with. Because if a CA starts being insecure nowadays browsers can just remove them and go with their life, but if there is a law forcing browsers wouldn't be able to.

I'm just curious about the specifics in case I'm outdated on what I remember.

making sure a small part is very secure vs having to verify every domain I visit? yeah, let me keep using the current system.... are you aware of the amount of domains you connect to every day?

Also, I might be wrong, but if I remember correctly browsers/OS-es tend to come with a list of trusted certificate keys already, which makes adding compromised keys to that list not as easy as you suggest. (I don't even know if that happens or if they just update as part of security updates of OS/browsers)

I know that everyone and their mom are in the hype train of AI, but we still don't know if its here to stay or not. Basing your whole strategy on a tech hype trend to the point of antagonising google... seems a bit too far fetch.

sure today Reddit results are still a thing that makes sense, but is it really too big to fail? if they're not in Google no significant amount of new users will sign up. between that, the exodus and other stuff wouldn't the content rot relatively quickly?

on the other hand social sites have huge inertia (still surprises me how many people are in twitter), reddit bros probably just wants to sell high to retire and the stock market bros are the dumbest people with a gambling addiction anyway... so the move might work..

Man, I wish economy didn't depend that much on the stock bros... reddit? IDGAF, they can succeed or fail, I don't use it anyway, but the power these dumbs have globally is so scary.

it's Anjelica Huston as Morticia, you could put "loren ipsum" text and it will still not be ruined.

the OG Morticia was quite cool too, but Angelica really took the character places.

The internet is wild, people spend most of their time in small echo chambers and they think that is the whole internet.

lol, last time I switched jobs some years ago I did the same but in the other side, I had a side small section with level of expertise on programming languages and explicitly added java with 1/10 to send a clear message xD

(is not that radical giving that I've been a embedded/graphics programmer most of my career, but still, funnier than not mentioning it)