Hacker News new | past | comments | ask | show | jobs | submit login

If you aren't in the habit of answering yes to big browser warnings about self-signed certs it seems like it shouldn't be an issue.

If the MITM operators have stolen a well known root cert then we have a much bigger problem.




SSL stripping allows attackers to avoid the big browser warnings, yet view and tamper with your data.

https://blog.cloudflare.com/performing-preventing-ssl-stripp...


HTTP is marked as " Not Secure". It's not big, but it's noticeable if you're paying attention and you definitely should pay attention for financial operations.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: