[Discuss] Reusing Passwords on Different Sites Should be OK
Edward Ned Harvey (blu)
blu at nedharvey.com
Fri Sep 18 07:17:17 EDT 2015
> From: Discuss [mailto:discuss-bounces+blu=nedharvey.com at blu.org] On
> Behalf Of Matthew Gillen
>
> just because a malicious employee could run
> wireshark on the production boxes doesn't make me forfeit my expectation
> of privacy.
We all know that we shouldn't login to things over http:// and we've all been trained to use https:// every time. Because random employees of the ISP and other networks could use wireshark, we know we have no reasonable expectation of privacy over http://
The world needs to know, the same problem is still true over https, but instead of thousands of employees operating the routers of the internet, it's thousands of employees operating the load balancers and web servers at google, twitter, facebook, akamai, etc.
More information about the Discuss
mailing list