Y
Hacker News
new
|
ask
|
show
|
jobs
by
clsec
1064 days ago
Love it, this
did not
trigger
any
of my security add-ons!
1 comments
graftak
1064 days ago
Except that most of these appear to be served over http, sans s.
link
lkramer
1064 days ago
Is that an issue if nothing confidential is being served?
link
graftak
1064 days ago
It’s prone to MITM attacks and it allows snooping for what pages are visited. Some US ISPs use(d) this vulnerability to inject ads into pages. On a public/shared network you might be vulnerable to automated attacks.
link
user32489318
1064 days ago
How long would US ISPs need to stop doing this, now that most stuff is HTTPS delivered anyways?
link