The Clipper Chip revisited: HTTPS considered harmful.

[ThePythonicCow]

.
The agencies of our elite overlords have tried several times, over the last few decades, to gain a monopoly on securely encrypted communication. One (in)famous such case happened 22 years ago, when the NSA proposed requiring all Internet communications devices to use what was called the Clipper Chip for any encryption of transmitted data. Only the government (and more resourceful thieves) would know the secret key or other means to break the encryption. The Clipper Chip proposal caused quite a bit of outrage at the time.

As a computer geek in Silicon Valley at the time, I followed the Clipper Chip closely, and breathed a sigh of release when it was beaten back.

Little did I realize at the time that another such, far more pervasive, surveillance and control grid, would be well on its way to global implementation, a couple of decades later.

===

There is now a far more serious threat to robust and secure communication between humans, relying on several key technologies, including HTTPS, GPS, the Internet of smart meters, smart cars and smart things, ubiquitous cameras, facial recognition, and wide spread use of the Web for all manner of social, commercial, financial, entertainment, and research activity.

HTTPS is the "secure" communication that earns the "green padlock" icon of safety in our web browsers. HTTPS relies on "security certificates" that are issued by "trusted" Internet companies and that provide the "trusted" encryption keys needed for "secure" Web access.

Whereas advocacy groups such as the Electronic Freedom Foundation (EFF) successfully opposed the Clipper Chip, they, including the EFF, are largely in favor of the web converting from HTTP to HTTPS. Most major websites have already converted. Google (Chrome), Mozilla (Firefox), Apple (Safari) and Microsoft (Edge) are pressuring other sites (including Project Avalon) to convert to HTTPS, by warning users that HTTP sites are not safe. Google (likely a partner of the CIA) is using its dominating position on the Web to force other Web companies, such as Symantec and Microsoft, to play by the Web security rules that Google imposes.

HTTPS is the "wave of the future" ... and the future is arriving rapidly.

Unfortunately, HTTPS presents a major threat (actually, multiple threats) to our freedom on the Web. They can both watch us (surveil us) and control us (block our access), by controlling HTTPS.

• Since only major corporations (that play ball with Google) issue and control the security certificates (the encryption keys) that encrypt and decrypt our HTTPS "secure" traffic, therefore only major corporations (that play ball with Google) have the keys to spy on us.
• Not only can the agents of our overlords spy on us, they can disable our Web access. By downloading software updates to any Windows PC, Mac, iPhone, or Android device that is receiving automatic updates, they could disable all HTTPS access from that device for any individual, or any identifiable group of people.
• Not only can the agents of our overlords disable individual access to all HTTPS sites, they can also, even more easily, disable any particular HTTPS website that has fallen out of favor, by canceling that site's security certificate.

An increasing proportion of the population is relying heavily on Web access to communicate (twitter, text messages, phone calls, Facebook, etc), to shop online, to pay for purchases made in person, to bank online, to pay utility bills and rent online, for entainment (Youtube, Netflix), and to follow the events (or sports games or whatever) of the day.

All the major websites and the bulk of Web traffic already uses HTTPS.

The main push from Web security experts is not to stop this, but to make HTTPS even more secure!

The agents of our overlords are rapidly setting up both global surveillance and global control. They are increasingly able to surveil humanity to a fine degree, tracking where we are and what we say or do They are increasingly able to control us, blocking any individual, group, or website, and blocking any purchase or communication, at will (their will.)

===

As I documented at the time, a couple of weeks ago in this post, I ran into this sort of block myself. I applied some software updates to my main Linux PC that (unexpectedly to me) disabled all my outgoing HTTPS traffic. Until I dug up some old fashioned web browsers that were less "secure", and restored a working configuration using backups, I was rather in a world of hurt. I couldn't access most websites; I couldn't run searches looking for technical information or software to download; I couldn't use Skype; I couldn't use email. Most people don't have extensive backups, the technical ability to troubleshoot such problems, and multiple old fashioned, HTTP only, web browsers ready at hand, especially if they are using iPhone or Android handhelds or Mac or Windows PC's, and have little control over what software they run.

===

HTTPS security certificates control who transmits Web packets to whom, and who can view inside those packets. To paraphrase George Carlin, it's one big control grid, and you don't control it. A few giant corporations control the Web.

The World War II German Nazi's, the Cold War East German Stasi, and the Russian KGB must all be jealous of the degree of surveillance and control of the population that is now rapidly being deployed on a world wide basis.

===

My guess is that public disclosure of advanced alien energy and transportation technology will happen when our overlords have sufficient control over humanity that they can be confident that this new technology won't be used against them.

I'm guessing that such disclosure is not that far off ... unfortunately.

===

P.S. -- The "considered harmful" in this thread's title comes from a famous 1968 computer science paper by Edgar Dijkstra: "Go To Statement Considered Harmful" (pdf).

P.P.S. -- I spelled out my concerns with cryptocurrencies and blockchain technology in more detail in the Blockchain Will Save Free Speech thread Post #13, Post #14, and Post #24. Blockchain technology is not the key to our privacy and freedom; it's another technology that will prove useful to constructing an interlocking chain of gateways on the Web, under the control of major corporate interests, working on behalf of our elite overlords.

[ThePythonicCow]

A couple more comments on this ...

HTTPS is essentially the same as the NSA proposed Clipper Chip of the 1990's, just with a different implementation. Both impose (or were designed to impose) wide spread encryption, using secret keys held by some "trusted" central authority ("trusted" by the elites, which doesn't mean worthy of trust by us common folks.)

HTTPS is being imposed using a typical strategy - get the public concerned about some problem (in this case, it was the security problems using unencrypted HTTP on the Web, that anyone who had access to the data packets could read), and offer a solution that is centrally administered. Then if and when the solution achieves wide spread adoption, make it increasingly mandatory. Avoid exposing to the public its potential for misuse by the central authorities until its widespread use is locked in.

===

The uproar in October of 2016 over the Obama administration not renewing the contract for ICANN, the Internet Corporation for Assigned Names and Numbers, who has top level control of the Internet DNS namespace, may well have been a bit of a distraction. ICANN actually has quite rather little leverage over the content and policies of the Internet.

Google has far more control over the content and policies of the Internet than does ICANN. Google dominates search engines, email (with GMail), browsers (with Chromium), maps, translation, video (with Youtube), and smartphones (with Android).

It is primarily Google that is forcing the Internet to adopt HTTPS. It is Google who forces other companies (such as Symantec and Microsoft) to adopt standards, fix security holes, and cease cease practices that are unacceptable to Google. It is Google who has the best set of hooks (such as the Google Translate button at the bottom of this page) throughout the web, enabling it to track users better than anyone else. It is Google who was accused of trying to influence the November 2016 US Presidential election by slanting search results.

Don't ever forget - Google is quite likely a CIA project, or at least "good friends" with the CIA.

[Jantje]

If you happen to be the owner of a website, it is quite likely you get messages from SEO optimization services to upgrade your system to HTTPS.
I see a quite agressive campaign to do so. This supposedly would get your website higher in google ranks if you do upgrade.
This info is quite interesting

[ThePythonicCow]

Important update: here

[ThePythonicCow]

Posted by Paul (here)
The uproar in October of 2016 over the Obama administration not renewing the contract for ICANN, the Internet Corporation for Assigned Names and Numbers, who has top level control of the Internet DNS namespace, may well have been a bit of a distraction. ICANN actually has quite rather little leverage over the content and policies of the Internet.

Notice that a world-wide imposition of strict HTTPS requirements, and similar "security" constraints, can now be issued by ICANN, which is under "United Nations" (UN) control. Perhaps that is the real reason that Obama handed over the ICANN contract to the UN in October 2016, in order to set this "opportunity" (to impose global tyranny on the Internet) by a UN chartered agency.

[ThePythonicCow]

Thanks to some reporting by Jim Stone on his website jimstone.is, I noticed that Ron Paul's website https://www.ronpaulinstitute.org is difficult to access, due to a misconfigured HTTPS "security certificate", which is marked as good for a long list of dubious looking websites, but not for "ronpaulinstitute.org".

Presently if I try to access the Ron Paul article President Trump: Toss Your Generals’ War Escalation Plans In the Trash (https), I have to click through about three scary looking (to anyone not skilled in the technology) screens before I get to see the page. Try it, and you too can probably see this. However, if I use the "insecure" http:// URL, President Trump: Toss Your Generals’ War Escalation Plans In the Trash (http), I get to the page right away. Since this is no banking or email website, not even a website providing a login, there is no serious requirement for https encryption, unless you're afraid some "man in the middle" is going to read your "Ron Paul" accesses over your shoulder, or alter the words on the fly, from Ron Paul's server to your PC.

I have no clue whether this is intentional blockage by some minions of the elite bastards, or garden variety misconfiguration.

But it is a good example of what can be done to softly suppress traffic to a website. The same HTTPS apparatus could also be used to completely take down a website relying on "https://..." so-called secure access.

Jim Stone has come to the same conclusion I have, as he explains in his latest post entitled "HERE IS WHY I DO NOT USE HTTPS" (not that that is all that strong support, as Jim is well known for being able to find conspiracies where no one else can.)