Hacker News new | ask | show | jobs
by 2Gkashmiri 1286 days ago
I don't get it. "Https for security" because "http is unsecure" sure but does EVERYTHING need to be secure? Like sure its fine but what if something isn't? What's the point of httpsing Wikipedia?

Forgive my ignorance but my ISP does DPI so any website on their blocklist is not permitted and I can't do anything about it so https or http doesn't matter.

Again, I am not talking about e2ee or SSL for payments or stuff but "surfing". If there are tech like DPI, whats the point of pretending " security"? From ISP that is.
1 comments
shakna 1286 days ago
There are a number of ISPs that inject adverts into HTTP pages.

There has been a number of viruses and malware, distributed by ad networks.

HTTPS provides basic protection for the user, from their ISP.

link
franga2000 1286 days ago
Not saying we shouldn't use HTTPS, but if your ISP is injecting ads and malware into your internet traffic, the real solution would be to sue/legislate them out of existence.
link
shakna 1286 days ago
Comcast have repeatedly been caught injecting, from 2013 [0] through 2019 [1]. At what point do you acknowledge that the large-scale business that is the ISP, might just have more bargaining power than a single individual?

[0] http://blog.ryankearney.com/2013/01/comcast-caught-intercept...

[1] https://gist.github.com/ryankearney/4146814?permalink_commen...

link
2Gkashmiri 1285 days ago
my concern is about the fake sense of security in the face of DPI
link