Overclock.net › Forums › Software, Programming and Coding › Networking & Security › [Wired] It’s Time to Encrypt the Entire Internet
New Posts  All Forums:Forum Nav:

[Wired] It’s Time to Encrypt the Entire Internet

post #1 of 52
Thread Starter 
lock-660x663.jpg
Quote:
The Heartbleed bug crushed our faith in the secure web, but a world without the encryption software that Heartbleed exploited would be even worse. In fact, it’s time for the web to take a good hard look at a new idea: encryption everywhere.

Most major websites use either the SSL or TLS protocol to protect your password or credit card information as it travels between your browser and their servers. Whenever you see that a site is using HTTPS, as opposed to HTTP, you know that SSL/TLS is being used. But only a few sites — like Facebook and Gmail — actually use HTTPS to protect all of their traffic as opposed to just passwords and payment details.

Source
post #2 of 52
i agree that we need to encrypt the entire internet, even if the only benefit is to make it more time and cost prohibitive for hackers and/or governments unencrypt and get your infos
post #3 of 52
I Like the idea and wish we did do that but in practice it would add a large load to the network. And after the network issues were cleared up, it would also slow things down like streaming video (youtube, twitch, netflix, etc) just in light of the whole encrypt/decrypt process.
Langour
(13 items)
 
  
CPUMotherboardGraphicsRAM
i5 2500k @ 4.7ghz MSI p67a-gd80 MSI N580GTX Lightning @ 960mhz Mushkin Ridgeback 8gb (2 x 4gb) 
Hard DrivePowerCase
WD blue caviar 1T; Mushkin Castillo SSD 60gb Corsair 850HX Corsair 600T Special Edition 
  hide details  
Reply
Langour
(13 items)
 
  
CPUMotherboardGraphicsRAM
i5 2500k @ 4.7ghz MSI p67a-gd80 MSI N580GTX Lightning @ 960mhz Mushkin Ridgeback 8gb (2 x 4gb) 
Hard DrivePowerCase
WD blue caviar 1T; Mushkin Castillo SSD 60gb Corsair 850HX Corsair 600T Special Edition 
  hide details  
Reply
post #4 of 52
Quote:
Originally Posted by serothis View Post

I Like the idea and wish we did do that but in practice it would add a large load to the network. And after the network issues were cleared up, it would also slow things down like streaming video (youtube, twitch, netflix, etc) just in light of the whole encrypt/decrypt process.

Encrypting/decrypting is pretty trivial on today's hardware with reasonable encryption levels.

And for what it's worth, I've used YouTube under SSL for some time now with no adverse effects.
Perpetual Upgrade
(17 items)
 
Server
(17 items)
 
Galago UltraPro
(9 items)
 
CPUMotherboardGraphicsRAM
i7-4770K MSI Z97M Gaming Zotac GTX 1080 AMP! Edition (2x4GB) Corsair DDR3-2000 
Hard DriveHard DriveCoolingCooling
128GB Crucial M4 (2x) 500GB RAID 0 Swiftech Apogee Black Ice GT Stealth 240 
OSKeyboardPowerCase
Windows 10 Pro 64bit Corsair K70 Vengence Seasonic X650 Aerocool DS Cube 
MouseAudio
Logitech G500 ASUS Xonar DX 
CPUMotherboardGraphicsRAM
Phenom II X4 965 MSI 870A-G54 nVidia 8400GS (2x2GB) Patriot DDR3-1600 
RAMHard DriveHard DriveCooling
(2x4GB) Patriot DDR3-1600 (3x) 320GB RAID 5 (1x) 1TB Backup Storage Coolermaster TX3 
OSPowerOther
Proxmox Hypervisor Antec TruePower 430W HP Smart Array P400 
CPUGraphicsRAMHard Drive
Intel i7-4750HQ Intel Iris Pro Graphics 5200  (2 x 4GB) DDR3-1600 90GB Intel mSATA SSD 
Hard DriveOSOSMonitor
500GB 5400RPM HDD Ubuntu Gnome 15.10 Windows 10 14" 1080p ColorPro IPS 
Case
Galago UltraPro 
  hide details  
Reply
Perpetual Upgrade
(17 items)
 
Server
(17 items)
 
Galago UltraPro
(9 items)
 
CPUMotherboardGraphicsRAM
i7-4770K MSI Z97M Gaming Zotac GTX 1080 AMP! Edition (2x4GB) Corsair DDR3-2000 
Hard DriveHard DriveCoolingCooling
128GB Crucial M4 (2x) 500GB RAID 0 Swiftech Apogee Black Ice GT Stealth 240 
OSKeyboardPowerCase
Windows 10 Pro 64bit Corsair K70 Vengence Seasonic X650 Aerocool DS Cube 
MouseAudio
Logitech G500 ASUS Xonar DX 
CPUMotherboardGraphicsRAM
Phenom II X4 965 MSI 870A-G54 nVidia 8400GS (2x2GB) Patriot DDR3-1600 
RAMHard DriveHard DriveCooling
(2x4GB) Patriot DDR3-1600 (3x) 320GB RAID 5 (1x) 1TB Backup Storage Coolermaster TX3 
OSPowerOther
Proxmox Hypervisor Antec TruePower 430W HP Smart Array P400 
CPUGraphicsRAMHard Drive
Intel i7-4750HQ Intel Iris Pro Graphics 5200  (2 x 4GB) DDR3-1600 90GB Intel mSATA SSD 
Hard DriveOSOSMonitor
500GB 5400RPM HDD Ubuntu Gnome 15.10 Windows 10 14" 1080p ColorPro IPS 
Case
Galago UltraPro 
  hide details  
Reply
post #5 of 52
It won't happen. Not the entire Internet.
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
post #6 of 52
https://www.eff.org/https-everywhere

It is not as good as holding the whole net accountable for privacy protections, but it makes sure that if you can use HTTPS, you are. It also fixes some serous problems with unencrypted and encrypted links on the same page.
The Guppy
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 980x Ga-x58a-ud3r rev.2 460 gtx Sli 16gb 
Hard DrivePowerCase
Samsung f3 Corsair TX950W Haf 932 
  hide details  
Reply
The Guppy
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 980x Ga-x58a-ud3r rev.2 460 gtx Sli 16gb 
Hard DrivePowerCase
Samsung f3 Corsair TX950W Haf 932 
  hide details  
Reply
post #7 of 52
Quote:
Originally Posted by SectorNine50 View Post

Quote:
Originally Posted by serothis View Post

I Like the idea and wish we did do that but in practice it would add a large load to the network. And after the network issues were cleared up, it would also slow things down like streaming video (youtube, twitch, netflix, etc) just in light of the whole encrypt/decrypt process.

Encrypting/decrypting is pretty trivial on today's hardware with reasonable encryption levels.

And for what it's worth, I've used YouTube under SSL for some time now with no adverse effects.

it's trivial for small things that aren't schedule sensitive (and depending on method of encryption). So for your normal webpages, sure the difference will be negligible. Imagine encrypting Netflix or Skype. And if they wanted to extend it to all network use (games included) that might cause lots of issues with delays. It would also be heavily impacted by local hardware. You for example have a 4770k, which is new and top of the line, and I believe haswell was supposed to be very good at encryption. But consider the general public that might be running on 5+ year old machines.
Langour
(13 items)
 
  
CPUMotherboardGraphicsRAM
i5 2500k @ 4.7ghz MSI p67a-gd80 MSI N580GTX Lightning @ 960mhz Mushkin Ridgeback 8gb (2 x 4gb) 
Hard DrivePowerCase
WD blue caviar 1T; Mushkin Castillo SSD 60gb Corsair 850HX Corsair 600T Special Edition 
  hide details  
Reply
Langour
(13 items)
 
  
CPUMotherboardGraphicsRAM
i5 2500k @ 4.7ghz MSI p67a-gd80 MSI N580GTX Lightning @ 960mhz Mushkin Ridgeback 8gb (2 x 4gb) 
Hard DrivePowerCase
WD blue caviar 1T; Mushkin Castillo SSD 60gb Corsair 850HX Corsair 600T Special Edition 
  hide details  
Reply
post #8 of 52
^i dont think that's how HTTPS\SSL works.

or it's not nearly as taxing as you think it is to require a 4770 to work well.
Edited by ez12a - 4/17/14 at 9:12am
 
Work Rig
(11 items)
 
 
CPUMotherboardGraphicsRAM
i7-2700k @ 4.5GHz  Asus P8Z68-V/Gen3 Asus GTX 1070 Strix OC G.Skill Ripjaws 16GB 
Hard DriveCoolingOSKeyboard
Crucial M4 128GB + 1TB F3 + Crucial M500 256GB Noctua NH-D15S Windows 10 Pro Cooler Master Novatouch TKL 
PowerCaseMouseMouse Pad
Cooler Master V1000 600T SE Roccat Kone XTD Steel Series 9HD 
CPUMotherboardGraphicsRAM
i7 950 Rampage III Gene 2x EVGA GTX 680 SLI 24gb HyperX 
Hard DriveCoolingOSMonitor
960GB Crucial M500 Intel Stock Windows 7 64bit Enterprise HP ZR2440w + Z24i 
KeyboardPowerCase
Ducky Brown Antec TP-750 Antec Sonata 
  hide details  
Reply
 
Work Rig
(11 items)
 
 
CPUMotherboardGraphicsRAM
i7-2700k @ 4.5GHz  Asus P8Z68-V/Gen3 Asus GTX 1070 Strix OC G.Skill Ripjaws 16GB 
Hard DriveCoolingOSKeyboard
Crucial M4 128GB + 1TB F3 + Crucial M500 256GB Noctua NH-D15S Windows 10 Pro Cooler Master Novatouch TKL 
PowerCaseMouseMouse Pad
Cooler Master V1000 600T SE Roccat Kone XTD Steel Series 9HD 
CPUMotherboardGraphicsRAM
i7 950 Rampage III Gene 2x EVGA GTX 680 SLI 24gb HyperX 
Hard DriveCoolingOSMonitor
960GB Crucial M500 Intel Stock Windows 7 64bit Enterprise HP ZR2440w + Z24i 
KeyboardPowerCase
Ducky Brown Antec TP-750 Antec Sonata 
  hide details  
Reply
post #9 of 52
Quote:
Originally Posted by serothis View Post

it's trivial for small things that aren't schedule sensitive (and depending on method of encryption). So for your normal webpages, sure the difference will be negligible. Imagine encrypting Netflix or Skype. And if they wanted to extend it to all network use (games included) that might cause lots of issues with delays. It would also be heavily impacted by local hardware. You for example have a 4770k, which is new and top of the line, and I believe haswell was supposed to be very good at encryption. But consider the general public that might be running on 5+ year old machines.

Quote:
Originally Posted by ez12a View Post

^i dont think that's how HTTPS\SSL works.

or it's not nearly as taxing as you think it is to require a 4770 to work well.

I'm more worried about Load balancers. F5's etc...

It's reasonably safe to assume most web servers/services are behind a loadbalancer. They have to decrypt all the data and send the decrypted packets to the servers then re-encrypt to send back to the client.

They are designed to do this, but when all traffic is required to be encrypted/decrypted 100% of the time that's going to be alot of load on the devices.
     
CPUMotherboardGraphicsRAM
Intel 7700k Z270M-DH3 UD 1151 MATX Zotac 1070 Amp! Edition CORSAIR 16GB 2X8 D4 3200 C16 VLPX 
Hard DriveHard DriveHard DriveCooling
Samsung 250GB 850 EVO Samsung 250GB 850 EVO Corsair 64GB M4 CORSAIR H110i 
OSMonitorKeyboardPower
Windows 10 ASUS VG248QE 24" 1920x1080 144Hz  Corsair K65 - Cherry Reds SEASONIC 80PLUS GOLD X-650 
CaseMouseMouse Pad
NZXT S340 Mid Tower Computer Case Logitech G502 SteelSeries QcK mass 
CPUMotherboardGraphicsRAM
2500k Gigabyte Z68X-ED3H-B3 EVGA GTX 680 8GB (4 x 2GB) DDR3 1600 HyperX Genesis 
Hard DriveHard DriveHard DriveCooling
256GB Samsung OEM SSD (SLOW POS) 64GB Samsung 830 64GB Crucial M4 Corsair H100 
OSMonitorKeyboardPower
Windows 7 Professional 64-bit Alienware OptX AW2310 Saitek Eclipse Seasonic X750 
CaseMouseAudio
Corsair 650D Logitech G500 Creative Titanium HD 
  hide details  
Reply
     
CPUMotherboardGraphicsRAM
Intel 7700k Z270M-DH3 UD 1151 MATX Zotac 1070 Amp! Edition CORSAIR 16GB 2X8 D4 3200 C16 VLPX 
Hard DriveHard DriveHard DriveCooling
Samsung 250GB 850 EVO Samsung 250GB 850 EVO Corsair 64GB M4 CORSAIR H110i 
OSMonitorKeyboardPower
Windows 10 ASUS VG248QE 24" 1920x1080 144Hz  Corsair K65 - Cherry Reds SEASONIC 80PLUS GOLD X-650 
CaseMouseMouse Pad
NZXT S340 Mid Tower Computer Case Logitech G502 SteelSeries QcK mass 
CPUMotherboardGraphicsRAM
2500k Gigabyte Z68X-ED3H-B3 EVGA GTX 680 8GB (4 x 2GB) DDR3 1600 HyperX Genesis 
Hard DriveHard DriveHard DriveCooling
256GB Samsung OEM SSD (SLOW POS) 64GB Samsung 830 64GB Crucial M4 Corsair H100 
OSMonitorKeyboardPower
Windows 7 Professional 64-bit Alienware OptX AW2310 Saitek Eclipse Seasonic X750 
CaseMouseAudio
Corsair 650D Logitech G500 Creative Titanium HD 
  hide details  
Reply
post #10 of 52
true, but when he mentioned 4770 i kind of assumed he meant the client side of the whole exchange. I doubt any server is running a 4770.

sccm can transfer program packages and quite a bit of data using only HTTPS. Dont see too much of a load on even a 1 core 1 threaded VM client.
Edited by ez12a - 4/17/14 at 9:40am
 
Work Rig
(11 items)
 
 
CPUMotherboardGraphicsRAM
i7-2700k @ 4.5GHz  Asus P8Z68-V/Gen3 Asus GTX 1070 Strix OC G.Skill Ripjaws 16GB 
Hard DriveCoolingOSKeyboard
Crucial M4 128GB + 1TB F3 + Crucial M500 256GB Noctua NH-D15S Windows 10 Pro Cooler Master Novatouch TKL 
PowerCaseMouseMouse Pad
Cooler Master V1000 600T SE Roccat Kone XTD Steel Series 9HD 
CPUMotherboardGraphicsRAM
i7 950 Rampage III Gene 2x EVGA GTX 680 SLI 24gb HyperX 
Hard DriveCoolingOSMonitor
960GB Crucial M500 Intel Stock Windows 7 64bit Enterprise HP ZR2440w + Z24i 
KeyboardPowerCase
Ducky Brown Antec TP-750 Antec Sonata 
  hide details  
Reply
 
Work Rig
(11 items)
 
 
CPUMotherboardGraphicsRAM
i7-2700k @ 4.5GHz  Asus P8Z68-V/Gen3 Asus GTX 1070 Strix OC G.Skill Ripjaws 16GB 
Hard DriveCoolingOSKeyboard
Crucial M4 128GB + 1TB F3 + Crucial M500 256GB Noctua NH-D15S Windows 10 Pro Cooler Master Novatouch TKL 
PowerCaseMouseMouse Pad
Cooler Master V1000 600T SE Roccat Kone XTD Steel Series 9HD 
CPUMotherboardGraphicsRAM
i7 950 Rampage III Gene 2x EVGA GTX 680 SLI 24gb HyperX 
Hard DriveCoolingOSMonitor
960GB Crucial M500 Intel Stock Windows 7 64bit Enterprise HP ZR2440w + Z24i 
KeyboardPowerCase
Ducky Brown Antec TP-750 Antec Sonata 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › [Wired] It’s Time to Encrypt the Entire Internet