It's time to ask the real questions around here. Why the

>>58431994
The ones I use do.

>>58431994
Stop watching CP and you won't have this problem.

>>58431994
NSA blackmail. No, seriously.

>>58431994
NO SHIT. Stop watching porn dingus.

>>58432003
CP is literally the only safe thing to watch these days if you want your porn private, seeing as its mainly downloaded via Tor.

>>58432036
Tor is a FBI honeypot.

>>58432021
Yup 40 years from now some dude is gonna run for President, and it will "leak" that he watched abusive granny porn in 2022. The "russian hackers" will be blamed but everyone will know how the information was really collected

>>58432055
Good thing I'm not planning on running for president.

>>58431994
emp is encrypted. Who cares about the others

>>58432047
That's what they want you to think so you don't use it. That arguement is worse than saying HTTPS is useless without authentication, so we should just give giant warnings about the untrusted connection and thereby force anyone who doesn't want to spend money on certs to use HTTP

>>58432058
xvideos has the biggest selection and is best for just browsing and finding new actresses, etc.

pornhub has more hd stuff if you know what you're looking for

never watched emp

File: Screen Shot 2017-01-10 at 11.35.28 PM.png (17KB, 331x130px) Image search: [Google]

17KB, 331x130px

>>58431994
That'll probably change later this year when Google and Mozilla flip this warning on by default for sites that lack SSL and all websites scramble to setup https so their users don't get scared away

>>58432085
This is coming 1 7years too late.

>>58432085
I have this enabled already. Might as well get used to it. I'd say the transition is likely to be pretty slow.

>>58432085
Hopefully, but it will be more effective if it's a full page warning like the "your SSL certificate looks fishy, get out of here!"

>>58432096
17*

>>58432079
emp has everything you can find on any other site.

I've never even heard of emp

>>58432099
It'd have to explain what http means as well;
All your browsing activity is available for others to see!

Would be most effective on porn

>>58432085
Considering it just takes one corrupt CA to allow the attackers to MITM any HTTPS connection, I don't see how this can improve the situation.

File: Untitled.png (19KB, 362x281px) Image search: [Google]

19KB, 362x281px

>>58432148
Yup I was just about to say that

This needs to include:

>All your browsing activity is available for others to see!

If common people the NSA talk is bs, then warn them about public WiFi and how it's a very easy/real thing to snoop on.

>>58432160
>>58432148
>All your browsing activity is available for others to see!
That would be a lie. Outside of wifi, your browsing activity can be seen by only a very limited set of entities.

>>58432157
Yeah the whole CA system is flawed but you gotta start somewhere. Encrypted connections with potentially compromised CA is better than plaintext.

>>58432000
Which ones do you use, anon?

>>58432176
>All your browsing activity is available for others to see for anybody who listens in!

>>58432185
That's misleading because it does not explain how difficult it is to be in position to listen in.

>>58431994
xhamster does if you force it with something like https everywhere or add it to the https list in noscript.

Because that costs money and requires extra workload. It's a porn site, the only thing that needs to be encrypted is the login/payment pages which are encrypted.

>>58431994
Mine is, although connecting to the ip address is damning enough:
https://e621.net/
At least they don't know how damning it is

>>58432203
The technical overhead for SSL isn't that much. And SSL certs are getting cheaper.

Porn traffic is just as sensitive as login data IMO.

What we really need is some sort of false flag where a disgruntled ex boyfriend working at an ISP is able to stalk his girlfriend's porn traffic because it's plaintext. Get everyone scared and stir up a frenzy to force change.

>>58432196
its not misleading, because you can be certain that the NSA is tapping that connection from all the leaks we've seen.

>>58432231
Or maybe not her porn traffic, but something else that's unencrypted. I'm not sure a female watching gangbang porn would be a sympathetic figure for change lol

>>58432178
This >>58432229
and ponibooru.

>>58432196
>how difficult it is to be in position to listen in.
Being on the same network is hard?

>>58432259
make it lesbian porn and then get /pol/ to demonize here for being a degenerate. It will make liberal tears flow and the SJWs in silicon valley will be moved into action.

Can't your ISP still see everything anyway? What does it actually protect?

>>58432297
They can only see encrypted traffic, not what that traffic is. They can also see the destination, IP. but as long you use dnscrypt, they can't see the domain name. However porn site IPs probably are well know, but at least they won't know what porn you are watching.

>>58431994

porn isn't actually valuable in itself

>>58432297
No your ISP can't see encrypted traffic. HTTPS traffic is end-to-end (only you and the porn server can see what you're doing)

But, because of the way HTTPS certificates are set up, someone like the NSA could easily decrypt your traffic.

But like I said here >>58432177 some encryption is better than none at all.

>>58432321
You do realise that by trying to protect your privacy, you're only making yourself a bigger target, don't you?

>>58432341
>widespread server-side security makes you a bigger target

>>58431994
>The obvious answer is that the gubbament is recording all our plaintext porn traffic to use against us in the future.
Most porn companies are American and free, even if you block ads. It's pretty obvious that they are secretly funded by three letter agencies.

>>58432341
You're right, we should all rollover and give up lol.

I assume you're talking about how e.g. adding the Do Not Track option to your request headers is another way to uniquely id you.

We have to at least try for some semblance of privacy before it's completely eroded

>>58432341
>Being a "target" is worse than having everything you ever did online known
Classic "psyops for nerds" post right here.
How are things over at Fort Meade, my federal friend?

https://www.youtube.com/watch?v=fwcl17Q0bpk

File: 1460963451826.png (184KB, 1600x2162px) Image search: [Google]

184KB, 1600x2162px

>>58432229
>>58432263
>ponyfuckers
>beastiality sickos

>>58432283
for the average "attacker" yes

>>58432333
> But, because of the way HTTPS certificates are set up, someone like the NSA could easily decrypt your traffic.

Only if they hacked the routers containing the private keys or nobbled the random number generators in them. Issuing interception certs is an active attack and could be noticed. NSA use passive attacks unless they're, y'know, actively attacking a target.

>>58432341
troll, or do we really have spais on here?

>>58432372
>still fapping to humans
Ignorance is a bliss.

>>58432381
Why take the long hard road? The NSA could just bribe a CA to issue a legitimate cert.

The NSA can't beat the math. When that happens they can just be thugs and hold a gun to your head while asking for the password, or they bribe.

File: madass.gif (2MB, 320x240px) Image search: [Google]

2MB, 320x240px

>>58432284
this could work

>>58432372
>ponyfuckers
I blacklist that shit. I wish they had an entirely different site. Pony faggotry pulls the furry fandom down
>beastiality
If you describe two sentient consenting adults that both have tails and fur as bestiality, then sure

>>58432363
We shouldn't roll over, but he's right too. By protecting our privacy we're standing out as people who have something to hide, even if we don't.

It's really shitty, but most people just don't care and we're too much of a minority to actually matter.

Watching the history in someone's computer have much stronger effect than a hacker/gob revealing what someone searched five years ago.

And it is not like SSL is the problem. Google tracking stuff is.

>>58432402
But then you have the real cert and the fake cert out there in the wild, which exposes them to risk of discovery. Better to steal the private keys to the real certs by backdooring the routers, then you can intercept the traffic passively without showing your hand. Even better, make the RNGs that generated them not-so-random, or encourage weak ass encryption primatives so that you can just sniff the traffic rather than actually using up assets like signing fake certs.

I mean, of course they have hacked the CAs and can sign man in the middle certs for any domain, but that shit's saved for active attacks against specific people. You don't waste your military assets on the general population like that, it'll get exposed and counter-measures will be invented by joe public. Unless you're a target NSA are sneaky and passive, like all military intelligence.

>>58432430
So? Most people don't care about politics and those who do are also targeted by multiple countries for collection, blackmail and so on. At least we're just nerds, it's not like we're going to try to change the status quo.

>>58432430
>It's really shitty, but most people just don't care

You may be right. People are so distracted and entertained all the time (including myself) that eventually we're (probably) gonna be in a Brave New World scenario where everyone is satisfied and complacent and the ruling powers can do whatever the fuck they want, because they've mastered the psychology of entertainment.

>>58432452
Yeah you're right, a forged CA would be a per incident basis and done sparingly.

>>58432430
But zero-configuration behind-the-curtains encryption like SSL that applies to everyone doesn't make people stand out. It hides everyone instead, even if they don't know it.

>>58432066
>That's what they want you to think so you don't use it.
i smell pork. must be why you're trying to get someone to fall for your honeypot.
oink oink.

>>58432484
Can't your isp still see the URL?

>>58432494
No, the domain at most

>>58432494
No. They can see the IP address, but once you're connected the HTTP shit like headers and responses are all inside a secure (TLS) tunnel.

>>58432494
They can see the domain (e.g. boards.4chan.org) if you're using their DNS server, but not the full URL path (/g/catalog)

If you don't use the ISP's DNS server, they *can* still see the IP address you connect to, so they could simply do a reverse lookup, but that's extra overhead for every single connection, so it's very unlikely they'd do it since they're running a business.

>>58432509
And that's from the separate DNS request

>>58432526
Right. It's trivial to link the two, but the point is its very much hidden. They don't have the URLs

File: 1470430509245.gif (339KB, 492x376px) Image search: [Google]

339KB, 492x376px

I'm OP and wanted to say thanks for the discussion. I knew there was more to /g/ than stallman memes and install gentoo.

File: 1462207993915.png (127KB, 240x240px) Image search: [Google]

127KB, 240x240px

>Why the fuck don't porn sites use encrypted connections?
>Not a single one does.
he posted, on a porn site that uses https.

>/g/
>2017

>>58432522
They can also capture all DNS traffic, since it's not encrypted at all.

>>58432522
this
don't ever expect your domain or subdomain you connect to, to be private

but other than that it's quite easy to secure the rest.

>>58432488
>>>/x/

>>58432558
yea you can use pihole and encrypt the traffic, I prefer this method as your pihole box will cache your DNS and you can encrypt where the pihole grabs dns data so at worst they see 1 DNS request for a site even if you visit it 50000 times

>>58432429
i actually hate that ponyfags are automatically considered to be furry when often they're not, the furry fandom makes ponyfags look bad

>>58432570
That's pretty cool. Might give that a shot when I get my pi up and running later this week

>>58432570
Can you change the cache time on pihole? IIRC when setting up other DNS servers, the cache time is set by the website domain holder (e.g. Google's DNS record expires faster since they have so many dynamic servers)

If you could set the cache time to e.g. last an entire day, that would be awesome. If it starts breaking things you can just adjust.

>>58432576
a furry is an adult man who has an age-inappropriate obsession with cartoon animals. if you are a grown man who fanboys a cartoon about talking animals you are a furry.

being creepy fucks who jerk off to loli horses and giant dog penis isn't part of the definition, just a coincidence because people who can't seem to grow up tend to be fucked up in more than one way

why would anyone be a furry except to troll? it's basically announcing that you are childish because you are a child, autistic, or completely retarded.

>>58432570
>>58432584

it looks like pihole uses dnsmasq

>DNSmasq uses the DNS TTL value for determining the caching period. You can use the dig command to query the current TTL of your DNS server for that domain.

So unless pihole changed something (possible), the cache time is still set by the remote domain

>>58432580
https://pi-hole.net/

blocks ads too
The only issue I've had when running this at my parents house was my step dad had issues with google and the "googleadservices" domain being blocked because when he googles for new hot tub pumps (this was the instance) he clicks the top link which are ads

I forced google.com to route to searx.me and it fixed the issue as they don't show the ad services links on top anymore.


>>58432584
yep there's a min cache on dnsmasq
https://serverfault.com/questions/706516/how-long-does-dnsmasq-cache-dns

pi-hole uses dnsmasq and I have set it for a month to cache stuff, I haven't ever had any issues with that. worst case you just gotta flush the cache
my router also caches my pi-hole indefinitely from what I can tell (TOMATOUSB) idk why it does that but doesn't bother me.

>>58432618
yea the server fault link on my post will show

--min-cache-ttl

useful command, for our purposes at least

>>58432632
it says you set the --min-cache-ttl in seconds, and a month in seconds is 2.628e+6 lol, did you enter that?

>>58432644
2592000

>>58432372
>2017
>not wanting to fuck a pony

What are you even doing here?

>>58432651
I just read on the DNSmasq page about changing --min-cache-ttl

>Dnsmasq limits the value of this option to one hour, unless recompiled.

I guess pihole has taken care of this. I was trying to reconfigure dnsmasq on my Ubuntu installation. Bah. I need to buy a raspberry pi anyways

>>58432713
idk what it was, I've never got dnsmasq working on anything based on ubuntu I guess I'm retarded

but they lock down and change their dns shit and it's really weird, idk, I prefer the basic install and setup with a .conf from debian or anything else.. instead of fancy ass gui overriding shit like ubuntu

the only luck I've had with ubuntu based (mint specifically) is gpu drivers are fucking balls easy to install

>>58432445
Google tracking can be blocked/avoided. Not as big of a problem imo

>>58432727
Yeah Ubuntu uses the "Network Manager" and it's notoriously shit especially for dnsmasq.

>>58432488
But detective, If Tor is an FBI honeypot, then why does you guys at the FBI need to write browser exploits to hack pedos, instead of just logging their IP via the network?
https://thehackernews.com/2016/05/fbi-tor-firefox.html

>>58432231

ISP's don't store data in an indexed format.

You'd only be looking at meaningless logs of requests to and from IP to a NAT bloc, they wouldn't know which pages you visited exclusively. Most ISP's at this point have a carrier grade NAT using an RFC address space to number their customers but the RFC address space doesn't log specific web addresses it only logs the domain/IP address and this is why copyright notices ISP's issue require YOU to acknowledge that you downloaded the content.

>>58432780
>this is why copyright notices ISP's issue require YOU to acknowledge that you downloaded the content.
I knew my emails back to my ISP saying I have no idea what they're talking about were helping.

>>58432780
>and this is why copyright notices ISP's issue require YOU to acknowledge that you downloaded the content.

I never knew that, never gotten a copyright notice before. I guess that plays into the "An IP address is not a person" court rulings. Just say you left your WiFi open and maybe the neighbors did it.

>>58432780
>Most ISP's at this point have a carrier grade NAT

I know NAT but not carrier grade, it sounds like multiple customers share 1 public IP. That sounds like a dumb idea - if the address space is that desperate just transition to IPv6 already.

I'm reading about it and there don't seem to be many positives https://en.wikipedia.org/wiki/Carrier-grade_NAT

>>58432878
shared IPs are pretty common, where I used to live everyone on my block had the same IP address.

>>58432900
So if one person gets banned from e.g. Youtube, then the whole block does? Sounds like troll central

How did you find out everyone had the same IP? Wondering if there's an easy way to detect if an ISP is using CGN

>>58432878
Considering ISPs ran out of ip4 addresses in 2011 multiple people are almost guaranteed to be using the same IP.

>>58432930
I was in the unfortunate position of being well known for fixing computers. Neighbors would call me over to fix their shit, and then pay me with food and sometimes money.

>>58432961
story of my life

Is it possible to make a fully local DNS cache? How many domain entries are out there?

>>58433022
In theory, yes. In practice no.
Nobody really knows how many domains are out there apart from IANA. Seeing as there is no central repository and you need to request them from each nameserver, it would essentially mean a brute-force attack of trying every possible combination of characters on every known nameserver.

>>58433022
You mean globally? Shit I don't know but it's a lot. Google says over 1 billion websites exist. I guess you could cache that many locally if you had some beefy servers and knew how to make it work.

>>58431994
>2014+3
>people unironically using single porn streaming sites instead of meta search

>>58432878
>>58432930
>>58432943

They've been doing it even before 2011. Satellite and cell tower connections are all carrier grade NAT for example, it's cheap and requires less management. The larger ISP's haven't bothered buying new IP addresses in over a decade and in most cases the large ISP's lease IP addresses to the smaller ISP's. IPv4 only ran out of purchasable public addresses because of the new ISP giants in places like India, China, Vietnam etc. purchasing them.

I doubt IPv6 will catch on anytime soon because there's no profit to be made especially not for the larger telecommunication companies whose markets are fully saturated and as you've probably seen and are a victim of they're more than happy oversubscribing their services, providing subpar performance while taking tax breaks from the federal government at the expense of taxpayers.

>>58433022
A better idea would be a p2p network where DNS lookups and their (secure) responses are shared between the network.

Better than that, if the IETF weren't completely fucking compromised by the NSA and we had DNS encryption by default, we could have privacy between us and our DNS servers.

>>58432321
But they can still see the URL of every page you visit, even if they can't see the contents of it.

>>58433084
They see the IP address, not the full URL.
The requested page is part of the encrypted HTTP message.

>>58432961
fuck yea man I love that
give me food and I'm set

>>58433084
Use Wireshark and you'll see that the URL is encrypted. Only the IP is visible.

>>58432079
>>58432111
nudevista has everything you can find on pretty much any site

>>58432021
Well, given that xhamster once used https but tgen suddenly stopped

>>58432263
Didnt the website get shut down?

>>58432576
Ponyfags are worse than furrys man.

I atleast understand furrys. But mlp fags need to die

File: CYUPn61UwAAEW71.jpg (17KB, 400x215px) Image search: [Google]

17KB, 400x215px

>>58431994
I only watch mommy porn so I'm ok with getting suggestions and stuff.

>>58432021
>implying logs, backdoors does not exist on HTTPS sites

>he thinks https will save him from botnet

>>58433653
>>58433677
>Don't even bother with security you insolent techie, big brother is always watching
Potential security better than no security at all, its basic probability.

>>58432601
ok

>>58431994
Hi Pleb.
That (i) next to it marks the connection as a nonsecure site.

https://www.playboy.com

>>58434156
your dad fapped offline version of this site

>>58433620
who's this semen demon

>>58433620
source?

>>58434173
>>58434758
krissy lynn

>what is reverse image search

>>58434828
>>what is reverse image search
it didn't worked as always

>>58434838
it did on the literally first try

>>58432780
>they wouldn't know which pages you visited exclusively.

This is completely false. They do know every unencrypted page you visited.

File: Screenshot_20170111-060319~01.png (230KB, 1080x747px) Image search: [Google]

230KB, 1080x747px

>>58431994
You are going to the wrong sites my man

with Let's Encrypt, webmasters have literally no excuse to not use HTTPS

>>58435222
>No excuse
I think my favourite was "our adverts aren't served over https so the user will get warnings which will scare them away from the site"

Another was CPU usage, though that might be significant, as the site serves moderately high bit-rate video.

>>58435205
Based
If only they allowed actual HD content

Literally the only website I use that doesn't support HTTPS is /g/hentai. I've never really noticed it on other erotica sites though.
also
>2017
>3DPD

>>58435519
exhentai supports https

>>58435558
buet e-hentai doesn't
wew

>>58435558
The images on exh are served over H@H by default and are unencrypted.

File: Screenshot_2017-01-11-12-59-24.png (1MB, 1440x2560px) Image search: [Google]

1MB, 1440x2560px

Lad

>>58431994
using porn history against you is a meme

>>58435633
and shilling isn't

Who gives a fuck if somebody can see what porn im watching

>>58435699
/pol/ will when the DotR happens and they gain access to the NSA archives.

>>58435699
>>58435633
This,
unless it's some fucked up shit or pedo.

>>58435699
>implying I want people to know I watched gay fur suit porn when im running for a HR

>>58431994
Pornography and the people behind it are absolute filth. HTTP allows advertisers to gather additional information about the page the user is on. Their IP, browser, even screen resolution are all able to be found out by third parties over HTTP.

Please stop watching pornography and masturbating. It has ruined many bright minds of this current generation and the upcoming generation as it is a routine habit. It ruins our abilities to problem solve as it conditions us to masturbate whenever we are frusturated.

Frusteration, rather than just becoming a fleeting feeling becomes ingrained until you need an actual release. This can lead to a daily or multiple daily need to masturbate. If you masturbate this frequently, your prolactin levels rise. You in general become less motivated. The genital region remains engorged (penis larger than normal, balls sagging). Your penis should shrink to the size of the neo-classical when not erect. Just try running in boxers after masturbating frequently.

Quitting smoking is much easier than quitting a pornography habit.

>>58435699
I would probably kill myself if someone discovered how much BLACKED I watched unironically.

>>58432066
Let'sEncrypt is free

File: 36colette8.jpg (10KB, 200x231px) Image search: [Google]

10KB, 200x231px

>>58431994
Masturbation isnt the problem

Its porn
Oh how the evil Jews have sickened the minds of our youth with this filthy music and sickening films

1/2

>Some years ago the author received the following interesting letter from a reader of this writings: July 29, 1936 Dear Dr. Siegmeister: I was wondering if the draining, at any time, of the lecithin and phosphorus, and other valuable substances during any sexual act, hindered achievement of the higher intellectuality, and if the brain and body were debilitated? Please answer this very important question. I am having great difficulty to understand how a person as myself, can store up vast amounts of sex forces without expending it. To make a long story short, I do not understand the very function of the sexual apparatus. Please send me any literature that you have on hand, concerning this matter, and I will greatly appreciate it. Also refer me to some excellent books which will cover this subject in full. I beg of you. Do not neglect answering any question asked in this letter. Thank you,

>>58435839
2/2

>To this letter he made the following reply: Dear Mr. L_____________: "You ask whether the draining from the body of lecithin and phosphorus through the sexual act will hinder the highest intellectual achievement and debilitate body and brain. Most definitely this is the case. Read my article on "Do Neuroses and Psychoses have a Chemical Origin?" in the June, 1936 issue of The Modern Psychologist, in which I show that the loss of these nerve-and-brain foods through sexual indulgence in any form deprives the nerves and brain of needed nourishment and leads to nervous and mental disorders. Our insane asylums are now overfilled with the victims of thoughtless sexual indulgence which has withdrawn valuable nutrients from the brain and disordered its functioning. These pitiful individuals, when in possession of their normal brain-structure, never realized that with each discharge of seminal fluid, they are pouring forth the very substance of their nerves and brain, until a time is reached when their brain is so sapped of lecithin that it ceases to function. Measurements have shown an actual decrease in the lecithin content of the brains of the insane. This was due to previous sex indulgence.

>"The greatest intellectual geniuses in both ancient and modern times led continent lives, and there is yet to be recorded one individual who freely expended seminal fluid who ever amounted to anything. In most cases, individuals who have achieved have been forced by necessity to abstain from sexual indulgence, as Cervantes, who wrote Don Quixote while in prison, or Dante who wrote his Divine Comedy while in exile. Milton wrote "Paradise Lost" when blind and when he did not indulge in sex. Sir Isaac Newton, active in intellect until the age of 80, led a continent life from birth, and so did Leonardo da Vinci and Michelangelo, both of whom retained their creative genius [until] an advanced age.

>>58431994
>using pornhub
>ever
wew lad. This place is full of CP.
And one day the police will visit you for using it

>>58432372
Hey man (not including ponies) anthro shit is basically just a Xeno fetish

>>58431994
>uses pornhub
pleb

>>58435862
/r9k/ must be full of geniuses then huh

oh wait

>>58435830
as much as this post is shitposting...
i've been on the verge of not caring about having sex with my gf as long as i can watch some dirty nasty shit my gf would never do (...its vore, ok?)
Fucking jews

>>58435865
oh look, a baseless accusation with no evidence.

>>58431994
https causes a lot of overhead on the server.

>>58431994
Xvideos is free and is encrypted with https

>>58437474
>causes a lot of overhead

No it doesn't. It causes some of course, but not a lot.

>>58431994
ashemaletube does :^)

>>58431994
better question is, why did Bing remove all the porn? It was the best porn search engine, but they purged all results from adult sites.

No, setting safesearch to off does not fix it.

Are there any other video search engines that allow for porn sites? That was literally all I used Bing for, and it worked great.

>>58438238
Oh shit does it?

>>58438248
>better question is, why did Bing remove all the porn?

Probably because Bing was gaining a reputation for its porn proficiency, and Microsoft doesn't want to be associated with that because it scares off advertisers.

Anytime you have a question "why did company x do y?" - it's probably because y was costing them money.

>>58431994
I don't watch porn, but I'd reckon it's because of the ads.

>>58438263
yeah check it out brotha!

Eroshare uses https. All the best cuckold content from subs like /r/hotwife is hosted there.

File: Untitled.png (67KB, 499x505px) Image search: [Google]

67KB, 499x505px

>>58438363
It looks like you can't browse without signing in with a social media account

into the trash it goes

>>58438414
you don't browse

>>58432055

More like at the moment the US government can instantly find out if anyone on the planet is gay by simply looking at their porn habits. They can then use this as a basis for looking further into their lives and find out if they have secret boyfriends. They then blackmail those people into becoming assets with that information.

I mean seriously, if you have the porn habits of everyone in the world, you can pressure them with just about anything.

File: 1482775862199.webm (2MB, 640x800px) Image search: [Google]

2MB, 640x800px

>>58431994
Jokes on you, I download my porn in 1080p from a private tracker over VPN.

I believe xhamster uses https. Although it's still xhamster.

>>58432452
>Better to steal the private keys to the real certs by backdooring the router
Private keys are cached on the routers?
They transit in clear in the first place?

>>58438519
>a porn site you can't browse

into the trash it goes

>>58432111
never heard of it, google only gives me empflix, is that the site you're talking about?

>>58431994
NSA knows that i binge on ava addams almost every week
So I'm ok

File: tmp_28124-1475594920051-1878302035.gif (348KB, 540x400px) Image search: [Google]

348KB, 540x400px

>>58438964
What's wrong with xhamster? I've found they can have some good vids.

>try https
>catalog loads for 1 minute
into the trash

THERE IS NO FUCKING WAY THIS MANY PEOPLE ON 4CHAN ARE JUST SUGGESTING TO STOP WATCHING PORN. WAS I REDIRECTED TO SOME FACADE REDDDIT FAGGOTRY? THE FUCK IS WRONG WITH YOU PEOPLE?

File: _20170109_111502.jpg (2MB, 2500x2805px) Image search: [Google]

2MB, 2500x2805px

>>58437242
It's not s^^^posting. Its whats turning people - as in, it makes kids re-create whats on porn with there friend. I had a friend that did things with his friend.

Its really a disgusting thing. Took me a while to fix it

File: images(8).jpg (57KB, 519x591px) Image search: [Google]

57KB, 519x591px

>>58441310
No, reddit dont see the problem with BLACKED.com and GAYPORN.com and KEKED.com.

They just think if they stop masturbating it will benefit them, make them feel better - make there penis feel better. Which is a meme.
I can understand why you took it the >>>/reddit/ way. Reddit are full blow m'ladys (Athesits)

>>58435839
>>58435862
>medical citation from 1936
lol hope its trol

>>58441310
Porn is too mainstream though, you can't be a contrarian fucktard if you watch porn anymore

>>58431994
Lack of encryption is only a problem if you have to input your password, and lets face it, whats the point of having a porn site account. Even on a website with SSL enabled, your ISP (and therefore the government) still gets the DNS resolution metadata and therefore a link of what you watched.

>>58442231
You're retarded, stop giving security/privacy advice

>>58442250
Compelling argument, now take your fedora off and see this:
http://serverfault.com/questions/447653/does-ssl-also-encrypt-the-dns-address

>>58433716
>>58432021
But the Feds can track anything can't they? I always assumed HTTPS was for foreigners and random parties, like to prevent the Ruskies from finding out that I watched a video of girls peeing on a bed. But can't the Feds and your ISP pretty easily see through the HTTPS?

>>58432229
>>58432263
If i was watching this retarded shit I would also like to stay as anonymous as I could.

https://www.chansluts.com

here you go, encrypted porn

>>58432021
>your at a presentation or talking live at a stadium in front of thousands or 10`s of thosuands
>nsa bursts in
>"hes watched porn!"
>crowd gasps
>"okay show of hands who else watched porn"

situation instantly defused. shit becomes a sparticus moment

>>58438833
gonna need sauce on that

>>58441310
>watching porn
>good
pick one
t. massive degenerate

>>58442626
It's not impossible for three-letter agencies to break TLS. The CAs are a big vulnerability.

The value in using it is that it makes life a lot harder for them. With unencrypted HTTP the government can just sit back and passively snoop, and there's no way for the target to know they're doing it. They can run mitm attacks with impunity. HTTPS removes their ability to listen passively. They have to compromise a CA and target people and sites specifically. Things like public-key pinning mean that bogus certs stand a good chance of being seen. You know what the NSA really, really, REALLY hates? When they attack someone and it's headline news in the tech press a week later and all the security bloggers are talking about how the NSA probably hacked someone and this is how they probably did it and so on.

HTTPS doesn't make it impossible for the government to snoop. But it makes it much more difficult and expensive for them to snoop, to the extent that generally they can't do it. It vastly raises the entry fee for targeted surveillance and makes untargeted surveillance infeasible. That's its value.

There should be a similar warning that comes up when the site is using a self signed certificate when people use no encryption at all.
The message should be longer, and if it ends with "ignore this forever" like with certificates, it should be fine.
The gray globe should be replaced by a red icon as it is easier for most people to see a red icon than the lack of a green icon.
Firefox has failed in these areas.
10+mbit internet has been the slowest option for about a decade now, there is no reason to use insecure connections anywhere.
The main reason we used it in the past was so we could save bandwidth by connecting to proxies, but that is not relevant unless you have very big downloads of the same file, also a thing we do not do as much anymore.

>>58443382
Replace "he's watched porn" with "he's watched BBW bondage porn for 20 years". No public figure would like that

>>58432047
educate yourself a little bit

>>58431994
That's why I only use /gif/ and certain subreddits for that stuff. Even if your HTTPS gets broken somehow, they see your list of URLs visited as 23049860968.gif on 4chan.org and Xks8HgSx4k5.gif on imgur.com.

I don't even like most porn anyway. If I'm looking at it I'm probably drunk on a special occasion.

Load.

The primary cost for porn sites is bandwidth and server time. They don't want to be paying to encrypt and decrypt http when it just isn't necessary.

So the state/adversaries can watch porn with you. So what?

>>58443968
no worse than admitting you fucked a pig's head. That guy got back in.

>>58444224
>>So the state/adversaries can watch porn with you. So what?
Porn or otherwise, the state shouldn't be able to watch what I or anyone else do online. At all. Ever. With or without a warrant.

>>58444175
>>58442300
And also because if your DNS knows you requested porno-website dot com, it's obvious what you went to that site for... while for 4chan/Reddit those sites are not just for porn so have plausible deniability.

>>58444261
I agree on a philosophical level but this isn't practical in the reality we live in.

>>58444307
We can bring it vastly closer if everything that hits the wire uses strong crypto. The overhead of doing SSL/TLS isn't nearly as onerous nowadays as it was in the 90s. It's a few percentage points of load at most.

Plenty of progress has been made spreading HTTPS since Snowden. The next step probably needs to be browser-makers saying they'll start popping up security warnings for anything not using TLS.

>>58432522
ips might be useless now tho. many sites use cloudflare and you cant access the site directly with the ip.

>>58435624
>3 fucking battery indicators
I want to see the world burn

>>58443968
and yet, statistically, lots of them have.

>>58443968
and yet, statistically, lots of them have. if the goverment really came out and started to try to use this as a weapon, youd just start revealing how normal it is to be into weird shit. when you start finding out that every married fat person fucks then fat porn suddnely is gonna get more tolerated. accepted, no, but when 40% of your population partakes in it, it becomes normalised