by g-b-r 962 days ago
> the only difference from now is that your browser will display "secure" instead of "invalid cert". There is no other difference.

Oh that's SUCH an insignificant difference!!!

> So to orchestrate an attack they would need to build a webapp that is sufficiently similar for you not to notice, take over your internet connection and break the certification process.

You can simply relay the requests to the original site/"webapp", no need to build one similar

1 comments

> You can simply relay the requests to the original site/"webapp", no need to build one similar

Doesn't work if the app encrypts messages locally, so end to end encryption is still valid with this.

We're talking about normal browsing, not webapps performing their encryption.

Webapps are also vulnerable because the JavaScript can be manipulated in a MitM attack.

The only way around this would be a "real" app.

True