The site is still not completely TLS exclusive.

[Brumby]

I should have specified my precondition too though. My bad. The crash I was talking about is the standard small vehicle crash test used in China. That test model is chosen specifically to reflect the average crash condition in China (that is, normal Chinese highway speeds, hitting a target with a lot of inertia equivalent to a loaded truck.) and it results in certain death without seat belts.

That is better.  You have now defined a situation - one which was necessary for your conclusion to have any validity.

Now how do you specify what a crash is then? Without a precondition your argument is invalid too.

My argument was not invalid.  The statement I made did not mandate a single, specific outcome - yours did.

To illustrate:
If the 'crash' was at 10km/h into a parked car, then my original statement is still valid.  Yours was not.

Yours only achieves validity after defining much more extreme crash parameters.

Even then, to state 100% fatality is an absolute that is very likely to fail.  All you need is ONE person to survive such a crash - no matter how badly injured they may be - and your argument falls down.  I know I'm being picky, since the probability of survival is extremely low - but absolutes are things of which I am wary.

[Brumby]

Anyway ... this is off topic.


Lets just leave Gnif to sort out stuff in peace.

[amspire]

Anyway, so you broke compatibility with my favorite browser. Oh well, can't be helped, but at least now I know what happened.

The Vivaldi web browser (a project continuing the Opera 12 features) works fine with the forum.

https://vivaldi.com/

[PA0PBZ]

I am not a black hat hacker.
Also this attack requires an attacker physically located near you which I am not.

Thank you, you just invalidated your earlier statement.

Logging into anything without TLS is absolutely equivalent to posting your password here.
Anyone want to see it would be able to sniff it off the network.

[denverpilot]

All the drama over http/https and TLS lately and the world still doesn't have a proper standard for encryption of DNS.

DNSCrypt is out there but a long way from being commonplace or standard.

[technix]

I am not a black hat hacker.
Also this attack requires an attacker physically located near you which I am not.

Thank you, you just invalidated your earlier statement.

Logging into anything without TLS is absolutely equivalent to posting your password here.
Anyone want to see it would be able to sniff it off the network.

Nothing is invalidate. I have no interest in your password, nor do I have the resource to physically go near your point of presence. Should anyone wanted to troll you, with enough free time on their hand, they can sniff your password off your connection and begin trolling.

[SeanB]

Yes, the Internet was originally a network to join computers, and worked on the assumption that all were implicitly trustworthy. Nothing can really change that, all is just going to be another layer on top.

That is why Telcos still offer ( at a real ruinous price, they hate the 5 nines reliability they have to provide with this which means dedicqated techs in the areas just in case, along with a lot more equipment redundancy over the current IP "best effort" approach) dedicated lines, with data travelling over internal Telco switched packet networks, with guaranteed throughput and multiple path redundancy along with automatic failover to the redundant path on error. We just last year turned that off, and I still have the old packet switches and router in my office to tear down, Not much call these days for a 56k link, but it was secure, and was perfect as an email link from our ISP and a connection that would almost never go down for support to work through.

[technix]

All the drama over http/https and TLS lately and the world still doesn't have a proper standard for encryption of DNS.

DNSCrypt is out there but a long way from being commonplace or standard.

At least on my home network I set up a local DNS cache server and firewall rules that enforces all DNS requests to DNScrypt gateway on my router. My home network implementation is fairly hardened...