Y
Hacker News
new
|
ask
|
show
|
jobs
by
trulyrandom
2705 days ago
With HTTP an attacker still has to MITM the connection between you and the mirror operator. So, definitely not "everyone".
2 comments
cryptonector
2705 days ago
That includes: coffee shops, ISPs, employers, everyone who can hack their routers, anyone who can spoof DNS, etc. That might as well be "everyone".
STOP IT. Though shall use HTTPS.
link
trulyrandom
2704 days ago
Fair enough. I agree that HTTPS is valuable here. I was just being overly pedantic, my bad.
link
DoctorOetker
2705 days ago
the moment we are talking about monitoring user's software base, we are practically already talking attackers at the skill level of nation states, so yeah "everyone" in the subset of plausible attackers.
link
STOP IT. Though shall use HTTPS.