The perfect example of misinformation appeared on a Dutch news site today.

It said that thousands of sites had the 'secure' *mark* due to running https but weren't actually secure because they were malicious.

Those cunts are mixing up the thing called a connection with fucking content/what happens on a site.

And those Russians are spreading fake information, right? You didn't even have examples of that and now you're doing it yourself.

Oh dear...

That's called doublethink

I read that.
"Onderzoek van de NOS"

WHAT RESEARCH?!?!? It's well-known!

This is why i stopped watching news on television. Now i just get news from a guy on youtube that i trust gets me correct information

@Condor met een goein batterij/accu gaan dr vast wel genoeg kilowatts door de auto om em vooruit te bewegen

@Condor Are we even sure that lithium batteries are better for the environment then kerosene?

@Condor They're saying that insecure sites are called secure while they're doing malicious things. Solely called secure because they have the green lock.

Give them feedback that they shouldn't publish tech news if they have no clue about tech.

Is it April in Russia?

If google did a good job, I understood that they were actually saying that people thought that the green padlock meant it was secure and that it’s not the case, so actually, they are correct. Good thing they talk about that in the public.

@-vim- They're saying that a green padlock means the site is secure but in a way of that it is valid and won't steal anything/have malicious purposes. A green padlock has nothing to with that.

@linuxxx yeah, this is one of the reason we need to educate people about what’s really going on the Internet

@Condor Speaking of car batteries and lithium: https://electrek.co/2016/11/...

Couple years old but still. And there are many different variants of Li-ion batteries.

Not to be pedantic. But you're right that is misinformation. Because it's unintentionally incorrect. Russian intelligence (and all other government intelligence in every nation) does actively spread disinformation. Information known to be false with the intent to damage someone else. I get what you mean, and I generally agree with the spirit of your point. Just thought it was worth mentioning.

I actually have been working on a video about this...

Will bookmark this post and do some on-topic self-promoting when I finished it :)

@Condor to be fair, I don't trust most IT teachers anymore...

I see so many teachers that learn their students bad habbits, just because "it's in the book" (saw a school that only taught their students basic security in webdevelopment in the 5th year of their education... THE 5TH FKIN YEAR!?

@Condor back when I started my classes in Application Development, I thought: Nice, we gonna learn dat PHP Framework shizzle und sum C#...

nope, basics of HTML, CSS and Javascript with PHP basics in the second year, more of that stuff in the third year, more of that stuff in the fourth year, FINALLY we learned some basic security in the fifth year, and sixth year was just preperations for the exams...

I failed my exams because I used:

- Bootstrap (3.x back then)

- jQuery

- SCSS (for custom styling)

- Propel2

- Ratchet (PHP WebSocket library) + HTML5 Websockets

instead of:

- fully from scratch CSS

- plain from-scratch Javascript

- plain CSS without pre-compiler

- MySQLi

- xhr polling

Needless to say, I dropped out of school (again) after that...

I get really annoyed by this. I read it on the telegraaf but how they reported it. It sounded like something was wrong.

Instead of just explaining that that the green icons means that the connection is secure. I'm pretty sure people will understand that. If you tell them that the connection to the site is protected but the site could still be a scam.

@Condor huh jij bent Nederlands xD

@Condor cpanel has the option to get a letsencrypt ssl

@MrWouter talking to an ICT guy is an investigation. If you can get payed doing that you should

@Condor yeah I think it is.

@ChachiKlaus the funny thing about the Russian misinformation is that some Dutch politicians said it was happening and that they'd seen examples but every goddamn time that they were asked for examples, they suddenly couldn't remember any examples or didn't want to give any.

This Dutch comedian/news guy spend hours of searching and finally found one of the examples which they might have been talking about.

Someone analyzed it and it was literally a Russian informative site about the netherlands! There was no misinformation found.

Also this case of ddos attacks on a few banks and the Dutch site tweakers.net.
People (and politicians) immediately started to point towards Russia because that was 'the most logical perpetrator'.

The attacker was found: a Dutch guy in a tiny town somewhere in the Netherlands. When asked why he did it: "they'd probably just blame Russia because that's easy and voila, they did right away. Did it mostly to prove that point"

I believe that you're right by the way. Just saying that's it's very easy to point towards Russia :)

@linuxxx very interesting. I didn't realize it was so highly specific there. It's a little different where I live. Thanks for sharing that information. Very good to learn.

the problem is that alot of organisations are spreading the information that a HTTPS padlock means that a website is safe to use. there have been cases in which malicious website use SSL certificates in order to confince visitors that their website is save. the HTTPS padlock only suggest that the connection is secure, but if you are connected with a malicious site bad stuff will happen.

organisations should stop saying that HTTPS padlock means that a site is save and instead say that the connection itself is safe. which means something enterly diffrent.