|
|
|
|
|
|
by MichaelGG
3668 days ago
|
|
|
>encrypted connection without a verified certificate Encryption doesn't work very well without authentication. In most cases any attacker with access to the medium has read+write. And without auth, you only need to, say, change DNS to insert yourself. Opportunistic encryption is really just a last-line defence against dragnet type surveillance. Which is good, but it's hardly having end-to-end. |
|
|