Four short links: 1 February 2013
Icon Font Fun, Rails Security, Indie Economics, and GitHub MITMed in China
- Icon Fonts are Awesome — yes, yes they are. (via Fog Creek)
- What the Rails Security Issue Means for Your Startup — excellent, clear, emphatic advice on how and why security matters and what it looks like when you take it seriously.
- The Indiepocalypse (Andy Baio) — We’re at the beginning of an indiepocalypse — a global shift in how culture is made, from a traditional publisher model to independently produced and distributed works.
- China, GitHub, and MITM — No browser would prevent the authorities from using their ultimate tool though: certificates signed by the China Internet Network Information Center. CNNIC is controlled by the government through the Ministry of Industry and Information Technology. They are recognized by all major browsers as a trusted Certificate Authority. If they sign a fake certificate used in a man-in-the-middle attack, no browser will warn of any usual activity. The discussion of how GitHub (or any site) could be MITM’d is fascinating, as is the pros and cons for a national security agency to coopt the certificate-signing NIC.