News EFF unveils Let's Encrypt HTTPS programme

Sales maybe going up, not really surprising, but it seems that there are very few commercially available encryption products that have not been compromised.
Probably best not to tell your customers about that

www.theguardian.com

 

Except of course the customers of vpn services are under surveillance from the very moment they even consider using one...

https://daserste.ndr.de/panorama/aktuell/nsa230_page-1.html

 

personally its a bad ideal to use a VPN service as you are not in control of the the VPN connection or encryption keys. business that are serious about protecting data would use there own and offload the keys

well i hope you dont bank online or use itunes or buy from amazon. I take the the above with a pinch of salt and mealy suggests not confirms with proof that these relationships exist and that backdoors are built in to products.

I did see mention of many services for VPN which are known and again most likely down to the fact the NSA or GCHQ hold the master key after obtaining legally or illegally from said company

It hard to obtain a key when its sat in a box that can only be accessed using 2FA locally.

It also mentioned brute forcing using super computers which i guess ultimately is possible

i guess overall long story short - nothing is 100% but making it as close to 100% as possible is preferable.

 

And keep your fingers crossed that no one has brokered a deal with the manufacturer of the box to insert any weaknesses, or other exploits.

 

If it takes you 2-3 hours to install an SSL certificate you should not be hosting a 'secure' website.

 

It's referring to the time taken to obtain the certificate, not install it.

 

And if that fails they simply drop some spyware on your system, doesn't really matter then if they have access to the encryption you use for your communication.