Hacker News new | ask | show | jobs
by otabdeveloper4 459 days ago
No, I need exactly 0 seconds to process empty buzzwords in the vein of "add Frobnozz to your TCP/IP, Frobnozz increases security bigly!".
1 comments
kadoban 459 days ago
There are zero buzzwords. I was just being vague because again, the cost of just flipping https on is negligible, it's literally more work to have this conversation and work out all of the details of exactly what attacks you're protected against.

It is never worth asking "should I even do https?" The only variation worth considering is "is https enough?" And even then, start with https and then build on top.

link
otabdeveloper4 458 days ago
HTTPS does nothing for security. (Except in very rate and specific cases that aren't important here.)

> The only variation worth considering is "is https enough?"

Enough for what exactly? Since this charade clearly isn't about security, what exactly is the metric for "enough"?

link
kadoban 457 days ago
Answered above. :shrug:
link