[xroche]

And you probably know much better than the second most important guy on linux what security means on the Internet: securing some javascript script on a random blog.

[axiomofquality]

HTTPS should be expected by now - ISPs keep messing with my unencrypted traffic.

[lisper]

Then you should get yourself a different ISP or a VPN.

[AaronFriel]

This is an extremely easy thing to say for many people around the world.

But for a large number of people - Americans, folks in countries with monopolies or state manipulation of internet traffic - it is not.

Not everyone has a different ISP to choose from. VPNs are a risky proposition and can significantly reduce bandwidth and increase latency.

[sigmar]

Anyone that thinks ISPs don't mess with traffic, should check out this malware research

https://www.virusbulletin.com/conference/vb2017/abstracts/la...

[mjal]

Some places have no other choices for ISPs. I don't disagree that a VPN would help but that feels like it's simply dismissing that there's a problem.

[proginthebox]

It's not about that guy's blog. This causes desensitization to non-HTTPS traffic and when people then actually visit non-HTTPS malicious blog, they get infected. If all "trusted" websites were HTTPS, then whenever there was untrusted access, people will notice it and raise alarm.