Y
Hacker News
new
|
ask
|
show
|
jobs
by
trash_panda
2850 days ago
Holy, I forgot about that one! You're totally right and I'm surprised it's not one of the main arguments for this push for HTTPS.
2 comments
jakelazaroff
2850 days ago
IMO it's really the
only
compelling argument for HTTPS on sites that don't deal with traffic worth intercepting. Other than that, I agree with you re café Wi-fi, etc: the man-in-the-middle risk is so small and localized that it may as well not exist.
link
greglindahl
2850 days ago
Not only is the coffee shop using an ISP that is likely MITMing you, insecure coffee wifi routers can be exploited at scale to MITM a lot of coffee shops at once.
link
plopz
2850 days ago
I think thats why google has been pushing so hard for https, isps were able to do tracking just as well under http, so google wants to shut that door.
link