Hacker News new | ask | show | jobs
by forgotmypw17 1976 days ago
This, a thousand times. No one is going to mitm someone browsing my text blog. On the other hand, https creates many barriers to access, including recent version requirement, time sync, and extra cpu and bandwidth.
2 comments
tpxl 1976 days ago
ISPs regularly MITM http websites to inject ads (in the US even).
link
forgotmypw17 1975 days ago
It happens. I think I'd rather my site be served with ads, than not at all.

It would be great if we could always automatically choose the right option, but browsers don't do that.

link
tpxl 1975 days ago
Ads aren't that much of a problem, but serving cryptominers/phishing websites/viruses is a real issue.
link
forgotmypw17 1975 days ago
Do ISPs really do that?
link
tpxl 1975 days ago
I haven't heard of it, but other malicious actors surely do.
link
cutler 1975 days ago
Not to mention single points of failure like Letsencrypt.
link