On Sat, 15 Apr 2023 20:30:11 -0400
Jeffrey Walton <noloa...@gmail.com> wrote:
> On Sat, Apr 15, 2023 at 11:09 AM <pa...@quillandmouse.com> wrote:
> > On Sat, 15 Apr 2023 14:01:27 +0100
> > Alain D D Williams <a...@phcomp.co.uk> wrote:
> > > On Sat, Apr 15, 2023 at 08:52:06AM -0400, Greg Wooledge wrote:
> > > While we are talking about this, is there any reason why all the
> > > http: should not be https: ?
> > >
> > > I have done this on my own machine without ill effect.
> >
> > Okay. Let's open this can of worms. The ONLY reason https is used on
> > most sites is because Google *mandated* it years ago. ("Mandate"
> > means we'll downgrade your search ranking if you don't use https.)
> > There is otherwise no earthly reason to have an encrypted
> > connection to a web server unless there is some exchange of private
> > information between you and the server.
> >
> > Reading through all of Google's explanations, I've never seen a
> > satisfactory explanation for this change. With that in mind, I
> > believe the Debian gods did the right thing in leaving their web
> > connections "insecure". Though, in truth, the integrity of Debian
> > server contents wouldn't be changed in the slightest whether the
> > connection was encrypted or not.
>
> The change came after Snowden released his cache of documents and the
> world learned how pervasive snooping is by the US government. There's
> nothing special about the US government, and we know other governments
> were doing it, too.
>
OMG! The U.S. government spying on people??!! They only have at least
one government agency which does only that-- the NSA. And everyone's
known about this forever.
What's even funnier is Google pushing this change, since there's no
nosier company on Earth than those guys. Their treasure trove of user
data probably rivals the NSA's.
Paul
--
Paul M. Foster
Personal Blog: http://noferblatz.com
Company Site: http://quillandmouse.com
Software Projects: https://gitlab.com/paulmfoster
