Hacker News new | ask | show | jobs
by resonantcore 4132 days ago
They disabled it server-side? What about the CA certificate in all these Lenovo users' trust stores that blackhats can now use to MITM with wild abandon?
1 comments
thesimon 4132 days ago
It enhances the users experience when being MITM'd.

But yeah, the removal instructions mention that the certificate won't be removed, which is quite dangerous.

EDIT: And users removing the cert would be unable to load https pages, which is a tricky situation.

link