[Cryptography] HTTP should be deprecated.
dan at geer.org
dan at geer.org
Tue Nov 19 20:02:41 EST 2013
| Though seeing what addresses you look at can tell them a lot of
| that, even if they can't read the content.
| https://www.eff.org/deeplinks/2013/06/why-metadata-matters
quoting my own sorry ass and all the lameness that implies,
We have known for some time that traffic analysis is more
powerful than content analysis. If I know everything about to
whom you communicate including when, where, with what inter-message
latency and at what length, then I know you. If all I have is
the undated, unaddressed text of your messages, then I am an
archaeologist, not a case officer. The soothing mendacity of
proxies for the President saying "It's only metadata" relies
on the ignorance of the listener.
--dan
http://geer.tinho.net/geer.uncc.9x13.txt
More information about the cryptography
mailing list