Web Encryption is now FICTION. But there's LetsEncrypt...

Web encryption is now completely broken. Recent changes announced in the EU will ensure that a man-in-the-middle becomes commonplace while we are led to think that encryption still exists. I will explain this serious issue, which makes our expectation of security and privacy on the internet complete fiction.

However it is not fiction when you go to websites powered by LetsEncrypt. Let's find out why.

00:00 Intro
02:55 Web Encryption is Broken
06:06 But Wait...The Real Bad News
09:14 History Will Now Repeat Itself
10:58 LetsEncrypt. The Last Bastion of Trust
13:27 LetsEncrypt Demo
18:10 Summary


I'm the Internet Privacy Guy. I'm a public interest technologist. I'm here to educate. You are losing your Internet privacy and Internet security every day if you don't fight for it. Your data is collected with endless permanent data mining. Learn about a TOR router, a VPN, antivirus, spyware, firewalls, IP address, wifi triangulation, data privacy regulation, backups and tech tools, and evading mass surveillance from NSA, CIA, FBI. Learn how to be anonymous on the Internet so you are not profiled. Learn to speak freely with pseudo anonymity. Learn more about the dangers of the internet and the dangers of social media, dangers of email.

I like alternative communication technology like Amateur Radio and data communications using Analog. I'm a licensed HAM operator.

Please follow me on
Odysee
Rumble
Comments
Author

Whenever someone says ‘stakeholder’ post 2019 you should hear ‘slavemaster’. That’s exactly what these people think they are, they believe they own you because you never lifted a finger to put a stop to their control freak insanity.

daa
Author

Lord bless you Rob. Thank you for all you are doing. Someday, we will master this beast known as the internet because of work like yours!

WunderOps
Author

I'm not sure how Let's Encrypt can avoid being ordered to give up certificates or any cooperation requested under the Patriot Act simply because they have a physical location in the United States.

edbotwinik
Author

It was never broken, it was by design.

kentaviousaurelius
Author

It's by design: the system of trust assumes trust is implied. I had a project a while ago where I needed to debug the communication between a proprietary Android app and an API server hosted by a third party. I installed my own generated certificate authority into Android, set up a router that intercepted DNS requests and provided my proxy server as the domain of the host API. I then signed my proxy server certificate with my certificate authority, allowing my proxy to look like the target API server. This is actually easy if you know how. Again, this system is designed to be flawed to support spying; most certificate authorities are registered and operated out of the US. Haven't people wondered how the US can intercept emails or bank transfers? Or how Apple phones can be decrypted? Public/private key security is only secure if you trust the authority.

justindressler
Author

People need to have their own cypher pads that are interchangeable and regularly cycled, so that one-time cyphers make the government's attempts mathematically impossible to crack; hence why they still use one-time cypher pads with international ham radio transmissions. They can assert whatever they want, and as long as the cypher pads and the cypher key can be dissolved immediately or immediately lit, they haven't got a damn thing; they could have the coded message with a text and still can't prove or crack a damn thing. People, use encryption, make your own keys and cypher pads, and be ready to destroy them at any point; privacy only dies when we accept it as dead. School mathematics makes it so the individuals and masses can take that back and stick it back up at the governments.

treesaremadeofwood
Author

The real question is:
Why does humanity allow, expect even, intelligent psychopaths in powerful positions?
Solve that, and everything else follows automatically.

ZappyOh
Author

Been using Let's Encrypt/certbot for my Nextcloud's TLS certificate for years now. It's awesome that it's one of those "set it and forget it" kind of things where once it's configured, it just does its own thing and you don't have to mess with it. One thing I did change was I went into the certbot config for my domain and changed key_type from RSA to ECDSA to get elliptic curve encryption instead of RSA.

gerowen
Author

As soon as I saw the heading "But Wait...The Real Bad News" I knew it was about the EU even before I started to listen to this part.

test-rjvl
Author

Man, I wish all this had surprised me. PKI certificate fraud is big news to me. But I can't say it surprised me.

MO-ssqt
Author

I just wanted to point out that even LetsEncrypt can be compelled by a government to give out their keys, so I see no reason to care about their domain cert issuing methodology.
What could work, though, would be the option to distrust certs issued by authorities from certain countries, e.g. N Korea, Iran, USA, Russia or China.

miaudottk
Author

There is a need for the emergence of a global freedom movement! It would be terrific if all the privacy organizations and pillars of free speech (such as you are) could be united under an umbrella! I observed that most people have absolutely no clue of these things.

rftzpgh
Author

There is one piece in this puzzle that needs to be better explained: the DNS. To impersonate a domain to create the MITM, the DNS must also be controlled. I am not denying what you are saying; I am pretty confident that you are right about the current number of root authorities, and that is probably to facilitate government surveillance.

ventura
Author

The Comodo compromise was more than proof that 3rd party trust is complete bunk. I have told people since the first commercial CA was put online that it was all a scam. Massive amounts of money have been given for these public certificates for nothing more than to say..."trust me bro".

CD-vbfi
Author

There is a story about a guy who got contracted by the ATF because he looked at a forced reset trigger on gunbroker.

AshGreen
Author

A series on old outdated certificates, or one as an addition to this series, is needed too, Rob, if you have time to check that out.

cexeodus
Author

Thanks, again, Rob! And, thanks for leaving a moment at the end to click, "like."

oasismike
Author

And if there is now only one major player from EFF providing private PK, what makes you think that all governments wouldn't focus their attention on cracking or social engineering of a single target company to reveal the PK? And what makes you think that this hasn't already happened?

mjmeans
Author

If the browsers implemented checking the CT (Certificate Transparency) logs and the CAA (Certification Authority Authorization) record it would dramatically reduce this issue.
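The CAA half of the point above is worth seeing concretely. In practice CAA (RFC 8659) is enforced by the CA at issuance time rather than by browsers: before issuing, the CA walks from the requested name up toward the root, takes the first name that has CAA records, and checks whether its own issuer domain is listed. The following is an added example written for this page (not the commenter's code, nor any browser's or CA's) that implements that authorization logic offline; the in-memory `SAMPLE_ZONE` is a constructed stand-in for DNS answers, and the zone names, helper names and the hypothetical `other-ca.example` issuer are assumptions.

```python
"""Offline evaluation of DNS CAA policy (RFC 8659) for a certificate request.

Constructed example: the CAA record sets below are an in-memory stand-in for
DNS answers. A real check would fetch them with a resolver (for instance
dnspython's dns.resolver.resolve(name, "CAA")); the zone names and helper
names here are assumptions for illustration.
"""
from dataclasses import dataclass

CRITICAL_FLAG = 128          # RFC 8659 issuer-critical bit
KNOWN_TAGS = {"issue", "issuewild", "iodef"}


@dataclass(frozen=True)
class CAARecord:
    flags: int
    tag: str
    value: str


def parse_caa_rdata(text: str) -> CAARecord:
    """Parse presentation-format CAA rdata such as '0 issue "letsencrypt.org"'."""
    flags, tag, value = text.split(None, 2)
    return CAARecord(int(flags), tag.lower(), value.strip().strip('"'))


def relevant_rrset(name: str, zone: dict) -> tuple:
    """Climb from the requested name toward the root and return the first
    owner name that has a non-empty CAA RRset (the Relevant RRset)."""
    labels = name.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        owner = ".".join(labels[i:])
        if zone.get(owner):
            return owner, zone[owner]
    return None, []


def issuer_domain(value: str) -> str:
    """'letsencrypt.org; validationmethods=dns-01' -> 'letsencrypt.org';
    a bare ';' (no CA may issue) -> ''."""
    return value.split(";", 1)[0].strip().lower()


def caa_permits(name: str, ca_domain: str, zone: dict) -> tuple:
    """Return (allowed, reason) for ca_domain issuing a certificate for name.
    A leading '*.' marks a wildcard request."""
    wildcard = name.startswith("*.")
    if wildcard:
        name = name[2:]
    owner, rrset = relevant_rrset(name, zone)
    if not rrset:
        return True, "no CAA records found in the chain; any CA may issue"
    # An unrecognised tag with the critical bit set forbids issuance outright.
    for rr in rrset:
        if rr.flags & CRITICAL_FLAG and rr.tag not in KNOWN_TAGS:
            return False, f"critical unknown tag {rr.tag!r} at {owner}"
    # Wildcard requests honour 'issuewild' if present, else fall back to 'issue'.
    tag = "issue"
    if wildcard and any(rr.tag == "issuewild" for rr in rrset):
        tag = "issuewild"
    applicable = [rr for rr in rrset if rr.tag == tag]
    if not applicable:
        return True, f"no {tag} records at {owner}; any CA may issue"
    allowed = {issuer_domain(rr.value) for rr in applicable}
    if ca_domain.lower() in allowed:
        return True, f"{ca_domain} is authorised by {tag} at {owner}"
    return False, f"{ca_domain} is not in {sorted(allowed)} ({tag} at {owner})"


# Constructed zone data: only Let's Encrypt may issue for example.com and its
# subdomains, no wildcard certificates at all; locked.example.net forbids every
# CA; strict.example.org carries a critical tag no CA understands.
SAMPLE_ZONE = {
    "example.com": [
        parse_caa_rdata('0 issue "letsencrypt.org; validationmethods=dns-01"'),
        parse_caa_rdata('0 issuewild ";"'),
        parse_caa_rdata('0 iodef "mailto:security@example.com"'),
    ],
    "locked.example.net": [parse_caa_rdata('0 issue ";"')],
    "strict.example.org": [parse_caa_rdata('128 futuretag "reserved"')],
}


if __name__ == "__main__":
    for req, ca in [("www.example.com", "letsencrypt.org"),
                    ("www.example.com", "other-ca.example"),
                    ("*.example.com", "letsencrypt.org"),
                    ("api.locked.example.net", "letsencrypt.org"),
                    ("strict.example.org", "letsencrypt.org"),
                    ("nocaa.example.test", "letsencrypt.org")]:
        print(req, ca, caa_permits(req, ca, SAMPLE_ZONE))
```

The tree climb is the part operators most often get wrong: a CAA record on `example.com` governs `www.example.com` unless the subdomain publishes its own set, and a domain with no CAA anywhere in its chain is open to every publicly trusted CA. Publishing an `issue` record naming only the CA you actually use, plus `issuewild ";"` if you never need wildcards, is the cheap, defender-side control the comment is pointing at.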

genralit
Author

This is (and your themes in general) absolutely priceless, not just to the general public, but even more so to people that feel (by lack of life study and experience) themselves as some sort of misplaced informatic neanderthals (meself included).

-AndAllThatJazz..