Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read

• Previous message (by thread): Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read
• Next message (by thread): Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Dec 31, 2019 at 10:34 AM Royce Williams <royce at techsolvency.com>
wrote:

> On Tue, Dec 31, 2019 at 7:17 AM Matt Harris <matt at netfire.net> wrote:
>
>>
>> The better solution here isn't to continue to support known-flawed
>> protocols, which perhaps puts those same populations you're referring to
>> here at greatest risk, but rather to enable access to open technologies for
>> those populations which ensures that they can continue to receive security
>> updates from a vendor that doesn't have a big financial motive to deprecate
>> devices and force users to purchase upgraded hardware instead of just
>> receiving security updates to their existing devices.
>>
>
> Unfortunately, this is the high-tech privilege equivalent of saying "let
> them eat cake" - because of upgrade friction on mobile in under-resources
> areas (including, I might add, specific sub-populations of US consumers!)
>

Perhaps more unfortunately, the other option - to continue supporting
known-flawed protocols - is simply saying "let them be victimized."

Accepting that we should instead support technologies that place those very
same populations at risk is coming from a place of privilege for the
reasons I mentioned previously: you live somewhere with relatively
peaceful/democratic governance, usually have at least some ISP choice, and
are likely not otherwise under the thumb of an oppressive regime at some
level of another - so when your browser makes a TLS1.0 connection, you
probably don't even think about it, much less worry about it, because you
don't have to. The populations we're discussing here, on the other hand,
all too often do.

What it comes down to is a question of whether we want to solve what we
know today is a real problem or let it fester until abuse reaches an
untenable level in some big, news-headline-making way. One way we can
combat this specific issue is to make open technologies accessible. But
that requires major investment on our side of the world, and prior attempts
to do so (Ubuntu's open source phone OS for example) have largely been
commercial flops.

- mdh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20191231/e5ddbc8b/attachment.html>

• Previous message (by thread): Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read
• Next message (by thread): Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]