> Declining quality of comments? Creeping influence of politics?
It's a fallacious argument in my book. Like comparing apples and oranges.
Say I run a bakery. What I care the most about is the quality of
my bread. So much, I spend all my time working on that and only that.
So much, I didn't ever bother to have a lock at the door. But it's
not even a big deal if someone comes in and poisons one of the bread, as long
as the overall quality is increasing!
> SSL is a giant waste of time for Hacker News
Yes, if by "giant" you mean that it takes like 2 hours to set-up, and a small payload for each
negociation. But concerning the payload, Arc is not especially fast,
so there is room for improvements there to compensate, if needed.
> modulo the fact that people might be crazy enough to use a shared password here.
Not the point, the point is HTTP sniffing.
And anyway, people could use a shared password, making it easier for them (don't overestimate
human memory), if HN used (HTTPS and) a "real" password encryption scheme (bcrypt or the like). Why put the burden on the user when you can put it on the computer?
No, that is an extremely bad idea. Even if they use bcrypt. Bcrypt exists to protect the site owner from calamity, like, "thousands of user passwords posted to Rapidshare". It does very little to protect individual users against the attacker who busts into your server; whether you use bcrypt or not, they still get the contents of every input type=PASSWORD that hits the site.
If this was a real product, this would clearly not be my advice. But it's not. It's just HN. The worst case to an attack here is not all that bad.
There's some goofy YC stuff that happens through this site. If asked, my advice regarding security and YC would not be "make HN more secure so the YC stuff is safer". It would be "get the YC stuff the hell off HN."
<really, really dumb question>
Hi Thomas, I have checked your profile because I am confused by this whole conversation (I mean the social dynamic of it where you are mostly being downvoted into oblivion -- I have no hope of following the technical points). I can't find the info I want. For the unwashed masses (like myself), can you clarify: Aren't you some kind of security professional?
Yes, tptacek runs a security consultancy. Why are you surprised? He's not wrong that the worst-case scenario isn't that bad, and he's a lot more "practical", for want of a better word, than either e.g. cperciva or me. (cperciva picks his serverside crypto algorithms for side-attack-resilience; tptacek points out that not having buffer overflows is asking too much of most software.)
This is not to say that I agree with him - the worst-case scenario isn't that bad, but setting up SSL is easy and the right thing - but he's not babbling nonsense or anything.
Not surprised. Just trying to verify if he had the subject matter expertise I thought he had or not so I can better understand the discussion. Since I am a member here, security of the site does matter to me as it potentially directly impacts me. But I lack your depth of knowledge of the subject. So the credentials of different speakers matters to my understanding. For someone like me, whether he is being downvoted because he has no clue what he is talking about or for some other reason entirely makes a significant impact on my understanding of the situation.
I am being downvoted for two direct reasons and one indirect one: (1) people universally think it's trivial to enable SSL for HN --- and it is, in the grand scheme of things, for non-hobby non-side projects, and (2) people care about the security of their HN account, even though virtually nobody else does, and so they have little to worry about. Meta-reason: people assume I'm being argumentative for the sake of it; I'm not. SSL is a waste of time for HN.
For what it's worth, I cofounded it, and I'm a principal, but Dave Goldsmith runs it. Working with me is a hazard of joining us, but working for me isn't, so much.
Oh come on. How long would it take someone who knew what they were doing to set up SSL? Run Apache on the same machine, listen on 443, and reverse proxy to the arc app. It would take less than 30 minutes to set up.
Fifty bucks worth of work, once, which pays a dividend each and every time a security conscious user visits the site. That's not a waste of time, that's a no-brainer.
FWIW, Paul Graham, made a fuss about putting in a simple link to the searchyc page for searching through archives. His reason was that he didn't want to spend time on something that wasn't really focused on the important issues like comment quality.
He took a lot of flack for, what was surely just a 2 minute job editing some html template, but I can kind of see that logic now.
When you add the link, it signals that you deem "Searching Archives" as an important feature of the site and then it's suddenly no longer just a simple href= entry in a text file somewhere.
Dealing with SSL could be in the same boat. By adding it, you're implicitly saying that 'this site is serious enough to warrant proper security measures' and then that's another rabbit hole that's difficult to get out of.
