top | item 17540853

(no title)

tscs37 | 7 years ago

I don't think encryption hinders the true ideas of the web, it merely blocks malicious actors, of which there are many in almost all areas and connections.

The entire set of encryption can be easily opened up for inspection and manipulation if all parties agree this is good idea.

discuss

xg15|7 years ago

If all parties agree, yes. But that likely is not the case - e.g., an app developer would likely want to have maximum freedom in what data they send over the wire, while a user would want to minimize the amount of data transmitted (for simple cost reasons) and also control which personal and/or sensitive information is transmitted.

Encryption where the user does not control either of the endpoints stacks the odds in favor of developers and against users.

I agree however, that the situation for the web (e.g. everything that lives inside a browser) is still pretty good thanks to the ability to add custom root CAs and general user the browser's debugging and inspection tools.

However, if you try to find out what exactly a mobile app, a game console or an IoT device is doing, you soon find yourself out of luck even if you're the owner of those things.