|
I use HTTPS on my blog, which is a static website with no comments, because my blog contains information that I want people to be able to trust, and so I don't want an MITM to be able to modify it. There are a whole bunch of says that they can do that. The obvious way is that a lot of my blog is about programming, and so I have code on my blog people can copy/paste. If a MITM can modify that (perhaps by injecting something with font-size-zero), that directly harms my readers, and selfishly, that reflects poorly on me - it makes it look like I'm trying to harm my readers. I also have prose blog posts where I express advice or opinions. If I write about, say, security advice, and that advice has been modified to be bad, that also harms my readers and reflects poorly on me. Why would someone do that? I don't know, there are lots of trolls on the internet. More interestingly, I also write about my religious beliefs. If someone modifies a post to make me look like I'm one of the most egregiously bigoted people of my religion, that would also be harmful to my readers and reflect poorly on me, and the casual reader might not notice that the post is out of character, and there are a lot of people on the internet who are angry at my religion. Also, even if I didn't have any such information, a MITM could add a cryptominer or something to my blog - something that accesses no private information but still consumes my visitors' CPU and battery - would harm my readers and reflect poorly on me. |