[gshulegaard]

Correct me if I am wrong, but this doesn't sound like a problem with Postgres. It seems like a problem with the author's specific implementation (self-signed certificates) specifically on Heroku.

Anyone else take something else away from this piece?

[agwa]

The blog post raises several distinct issues. Heroku's poor configuration is the most significant issue, but it's also concerning that Postgres is insecure by default, and supports several different options to sslmode with confusingly-similar names, only one of which is secure under normal circumstances. That's a recipe for developers and database administrators to shoot themselves in the foot. If Postgres had been secure by default, it might have saved Heroku from making this mistake.

[gshulegaard]

See OPs response.

[thusoy]

OP here. That's entirely correct, Postgres deployed correctly is secure against a MitM, but since Heroku has not issued a trust root, they are not.

Edited to add: As a user of Heroku Postgres you can't configure Postgres correctly, Heroku is supposed to do that for you.