top | item 46212080

(no title)

landr0id | 2 months ago

I'm surprised Firefox didn't warn me when I went to the page. Hostile teleco/MITM waiting for HTTP traffic are a real-world way that nation states deliver exploits.

discuss

vpShane|2 months ago

It did for Librewolf -- what I moved to from Firefox. Self-Signed certs I'm down with, http I'm not, and never will be for any reason. Plain-text data transmissions have no acceptable reasoning.

unknown|2 months ago

[deleted]

schmuckonwheels|2 months ago

You do realize self-signed certs are useless, could have been tampered with, and could have just as easily been created by a malicious actor?

There's a reason most default self signed certs are called "snake oil".

gldrk|2 months ago

PKI is basically powerless against nation states executing a targeted MITM attack. It does prevent them from passively snooping everything.

vhcr|2 months ago

You can enable it in the settings.