Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 11 Dec 2017 10:18:03 +1100
From:      Michelle Sullivan <michelle@sorbs.net>
To:        Yuri <yuri@rawbw.com>, Jason Hellenthal <jhellenthal@dataix.net>, Poul-Henning Kamp <phk@phk.freebsd.dk>, "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>
Subject:   Re: http subversion URLs should be discontinued in favor of https URLs
Message-ID:  <5A2DC0AB.3070900@sorbs.net>
In-Reply-To: <20171210172127.GD5901@funkthat.com>
References:  <97f76231-dace-10c4-cab2-08e5e0d792b5@rawbw.com> <2a6d123c-8ee5-8e1e-d99b-4bce02345308@rawbw.com> <1217.1512685566@critter.freebsd.dk> <A9370975-7077-432C-985A-56657CF0CC98@dataix.net> <83e44188-6e0d-13cc-4b80-d191ac010427@rawbw.com> <5A2A6985.3070202@sorbs.net> <20171210172127.GD5901@funkthat.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
John-Mark Gurney wrote:
> Michelle Sullivan wrote this message on Fri, Dec 08, 2017 at 21:29 +1100:
>> Sorry you want to ensure a secure (trusted) connection you do it
>> yourself.  You go through other nodes (switches and routers of the
> So you're fine w/ all the Comcast users having to switch ISPs?  Because
> Comcast modifies traffic.

Sure, my ISP in Australia modifies some traffic (how much I don't know 
because I haven't looked deeply) first detection of it I setup 
mitigation to secure my connection from tampering... where I care about it.

In my case they disabled https access so they could MITM... All my 
http(s) traffic now goes through a proxy, and all my network traffic now 
exits over a VPN connection to my network in a DC which hosts the top of 
my proxy server chain.

>   So you're now saying that if you use FreeBSD
> you can't use Comcast as your ISP?

No, I'm saying if you can't trust ${ISP} to give you your FreeBSD source 
untampered with, you should not use ${ISP} as your ISP... don't give a 
t*** who ${ISP} is, if you can't trust it, don't use it or mitigate your 
trust issues by doing like me.

This argument is circular and pointless, if ${User} is downloading and 
compiling FreeBSD from source there is a pretty good chance they know a 
little more about Tor than 'I heard this app will allow me anonymity'... 
Seriously, you want anonymity and safety I have a device that I'll send 
you for free... Its lightweight and simple, it consists of two metal 
blades with a pivot in the middle.

Michelle

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5A2DC0AB.3070900>