17 Matching Annotations
  1. Oct 2019
    1. PI keys are supposed to be a secret that only the client and server know. Like Basic authentication, API key-based authentication is only considered secure if used together with other security mechanisms such as HTTPS/SSL
  2. Jun 2019
    1. Top Reasons Why Your Website Needs An SSL Certificate

      Whether your #website is small or large, it needs an #SSL certificate. Here are the top reasons why your website needs an SSL certificate. If your website is on a shared hosting server, you can get it prepared by the web hosting company.

  3. Jun 2018
    1. security

      Hi ,<br> All gov websites holding citizens personally identifiable information should hold a valid third party certificate, as I have seen at most of time, government website do not produce a valid certificate or do not produce any certificate at all , a few examples railway recruitment website which collects candidates personal info, apart from that voter id verification website (http://www.nvsp.in/) also not producing any certificate. in such cases lack of secure communication will help hackers to grab the passed data in between.. Certificates should be mandatory in all local/state / national level government websites.

  4. Apr 2018
  5. Jul 2017
    1. How To Install A Free SSL Security Certificate On Your WordPress Website

      On why are there different prices for SSL certificates

  6. Oct 2016
  7. May 2016
    1. otherwise capture information you provide over the Internet.

      That's the purpose of SSL. Why is it not used globally?

    2. the use of SSL encryption

      When? It is not used globally. Public pages are not secured by SSL.

  8. Aug 2015
    1. It occurred to me that the ideal setup would be a router where the WAN's gateway was a system running a transparent proxy. Thus simply by connecting the device to the router, the transparent proxy software would capture HTTP and HTTPS traffic
  9. Jan 2015
    1. But if you turn data into a money-printing machine for citizens, whereby we all become entrepreneurs, that will extend the financialization of everyday life to the most extreme level, driving people to obsess about monetizing their thoughts, emotions, facts, ideas—because they know that, if these can only be articulated, perhaps they will find a buyer on the open market. This would produce a human landscape worse even than the current neoliberal subjectivity. I think there are only three options. We can keep these things as they are, with Google and Facebook centralizing everything and collecting all the data, on the grounds that they have the best algorithms and generate the best predictions, and so on. We can change the status of data to let citizens own and sell them. Or citizens can own their own data but not sell them, to enable a more communal planning of their lives. That’s the option I prefer.

      Very well thought out. Obviously must know about read write web, TSL certificate issues etc. But what does neoliberal subjectivity mean? An interesting phrase.

  10. Mar 2014
    1. http://bouncycastle.org/download/bcprov-jdk16-146.jar

      This should almost certainly say "https".

    2. We need an authenticity infrastructure when there is no way to have advance knowledge of what SSL certificate a client should expect to see, but your app knows where it will be connecting, and it knows exactly what it should expect.

      Succinct way to highlight this distinction.

    3. Google is already doing this. They have an “app” called Chrome, and when their app makes SSL connections to their own services, it checks to make sure that the certificates it sees are the ones it knows Google is using. They call this “pinning,” and you should do it for your mobile apps.