Блог пользователя DieAnderen

Автор DieAnderen, история, 9 лет назад, По-английски

Any reason why codeforces isn't using a secured http connection??

  • Проголосовать: нравится
  • +33
  • Проголосовать: не нравится

»
9 лет назад, # |
Rev. 3   Проголосовать: нравится +17 Проголосовать: не нравится

The insufficient amount of paranoia among users and admins probably.

I also anticipate two minor troubles:

  1. Serving via HTTPS requires additional processing time on both server and client (and also makes certain types of caching unusable). When the server is not experiencing peak load this would be hardly noticed. However during contest the amount of requests is very large and I suspect at least the delays will become quite sensible.

  2. If policies of some countries require limited access to certain pages of the site (e.g. due to posting doubtful content by users) — then switching to HTTPS will force internet providers in such countries to limit access to the whole site as the per-page approach could not be used.

Now why we may want to use HTTPS? Do you suspect Snowden is stealing your solutions?

P.S. I myself do not mind HTTPS as long as it is optional, not obligatory.

UPD the main good point I learned from comments below is about preventing TCP sniffing in college LANs. Though I never heard this is a widespread problem right now :)

  • »
    »
    9 лет назад, # ^ |
      Проголосовать: нравится +27 Проголосовать: не нравится

    I don't want my ISP or free Wi-Fi provider inserting advertisement.

    • »
      »
      »
      9 лет назад, # ^ |
        Проголосовать: нравится 0 Проголосовать: не нравится

      use adblock

    • »
      »
      »
      9 лет назад, # ^ |
        Проголосовать: нравится 0 Проголосовать: не нравится

      Just switch to more decent provider. There is no sane reason to mess with providers who do not respect its users.

      If you can't trust provider enough, I doubt you can rely even on https over him as there could be foul play with certificates.

  • »
    »
    9 лет назад, # ^ |
      Проголосовать: нравится +20 Проголосовать: не нравится

    Not snowden, but if you are using college lan, than someone can sniff the packet and get the solution, during the live contest.

  • »
    »
    9 лет назад, # ^ |
      Проголосовать: нравится -8 Проголосовать: не нравится

    Now why we may want to use HTTPS?

    The correct question is: why wouldn't we want to use HTTPS? Privacy is a fundamental human right. You need to present very good reasons to deprive people of this right, not the other way around.

    • »
      »
      »
      9 лет назад, # ^ |
      Rev. 2   Проголосовать: нравится 0 Проголосовать: не нравится

      CodeForces provides free services. You are using these services voluntarily so it is not correct to complain you are deprived of privacy by evil CodeForces admins. And why do you need to post very private and personal info here?

      And HTTPS do not automatically mean privacy.

      • »
        »
        »
        »
        9 лет назад, # ^ |
        Rev. 2   Проголосовать: нравится +5 Проголосовать: не нравится

        I'm not complaining at all, I'm pointing out a flaw in your logic.

        And why do you need to post very private and personal info here?

        And you're making the same mistake again. I don't have to justify to you that I need privacy, you have to justify to me that there is a benefit in not having it. I have blinds on the window in my living room even though I don't do anything "private and personal" there.

        HTTPS is a necessary but not sufficient condition for security and privacy.

        • »
          »
          »
          »
          »
          9 лет назад, # ^ |
            Проголосовать: нравится +4 Проголосовать: не нравится

          you have to justify to me that there is a benefit in not having it

          I started with pointing out two.

    • »
      »
      »
      4 года назад, # ^ |
        Проголосовать: нравится +4 Проголосовать: не нравится

      Not in china

      • »
        »
        »
        »
        4 года назад, # ^ |
          Проголосовать: нравится +30 Проголосовать: не нравится

        You just necroposted a 5 year old blog to say this

        • »
          »
          »
          »
          »
          4 года назад, # ^ |
            Проголосовать: нравится 0 Проголосовать: не нравится

          Given the times we are living in, I wrote the same (as the blog)question on Google and ended up writing the comment. Also if I were to write the same comment in any recent contest , you know what would have happened.

          • »
            »
            »
            »
            »
            »
            4 года назад, # ^ |
              Проголосовать: нравится 0 Проголосовать: не нравится

            Also if I were to write the same comment in any recent contest , you know what would have happened.

            Yes, that is supposed to be a message that you should not do that (under a recent contest or otherwise).

  • »
    »
    9 лет назад, # ^ |
      Проголосовать: нравится 0 Проголосовать: не нравится

    If you're on an open wifi connection I'm pretty sure people can steal your CF username/password because CF isn't using HTTPS even in their login page.

»
9 лет назад, # |
  Проголосовать: нравится +50 Проголосовать: не нравится

https = http + slow