> My fear is that these companies will use this Superfish debacle to attack and restrict the ability for users to download legitimate software which leverages these technologies.
They already have, with HTTP/2. Encryption is mandated for HTTP/2 so something like Privoxy (or even just a caching proxy) has to use a Superfish-like method to bypass the encryption. The only alternative is to modify the browser, which they are also locking down with unchangeable ChromeOS and limiting plugins to only officially sanctioned ones.
...and you won't really even be able to just not use HTTP/2 because the web will be much slower as pipelining is not even implemented in Chrome, and Firefox will no doubt drop it soon. Websites optimized for HTTP/2 could take minutes to load without pipelining.
The real irony is that neither Google nor Mozilla determined what software caused pipelining problems, so guess what, it was Superfish and its like. Instead they made a new protocol that requires Superfish-like MITM interception, to work around problems caused by Superfish-like MITM malware.
HTTP/2 doesn't actually require TLS (it got removed because of too many people pushing for it not being required for things like home routers and the like), though none of the major browser vendors intend on supporting HTTP/2 without it.
They already have, with HTTP/2. Encryption is mandated for HTTP/2 so something like Privoxy (or even just a caching proxy) has to use a Superfish-like method to bypass the encryption. The only alternative is to modify the browser, which they are also locking down with unchangeable ChromeOS and limiting plugins to only officially sanctioned ones.
...and you won't really even be able to just not use HTTP/2 because the web will be much slower as pipelining is not even implemented in Chrome, and Firefox will no doubt drop it soon. Websites optimized for HTTP/2 could take minutes to load without pipelining.
The real irony is that neither Google nor Mozilla determined what software caused pipelining problems, so guess what, it was Superfish and its like. Instead they made a new protocol that requires Superfish-like MITM interception, to work around problems caused by Superfish-like MITM malware.