|
|
|
|
|
|
by lmc
1858 days ago
|
|
|
> Believe it or not "everyone must use https" is a pretty political push, based on favoring certain corporate entities who control all of the points in a network where https traffic gets decrypted, at the expense of other corporate entities who the first group doesn't like. It's really not. Ever had your ISP inject shit into your pages?
https://www.infoworld.com/article/2925839/code-injection-new... |
|
|
This. And all the other skulduggery that MITM attacks enable.
I'm kind of surprised that none of the powers-that-be ever pushed for an HTTPS mode that merely signs requests and responses rather than encrypting them, in an effort to undermine encryption advocates.