Re: https everywhere.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 05/16/2015 04:18 PM, Peter Lawler wrote:
People monitoring your connection know what you've updated, and what you
haven't, thus knowing what you may be vulnerable to, is a problem.

If I'm monitoring your https connection: I know the list of mirrors. That's public information. I know when updates are released. That's also public. I know when you last connected, so I can probably reason what you haven't updated. If I track the amount of data you download, I can probably tell if you skip an update, as well.

https doesn't improve your privacy in this application.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux