I giggled at that too, especially when combined with the blogger’s quote “Ask them what https means and why it is important and they’ll look at you as if you’re speaking Klingon.”
It’s definitely not the case that it’s useless. A MITM can embed malware into the page it returns if you aren’t being served over HTTPS. It’s not just about snooping on sensitive data going one or both ways, it’s about being sure that what you’re receiving is from who you actually think you’re receiving it from.
Indeed. See my edit on the parent comment–I noticed that the website provides commands to the user to run, which makes it ripe for MITM attacks: if the user is copying-and-pasting commands to run into their shell, those need to be served over HTTPS.
Lmao
I giggled at that too, especially when combined with the blogger’s quote “Ask them what https means and why it is important and they’ll look at you as if you’re speaking Klingon.”
Well, your comment just shows your tech illiteracy. https is useless when you don’t need to deal with sensitive data.
It’s definitely not the case that it’s useless. A MITM can embed malware into the page it returns if you aren’t being served over HTTPS. It’s not just about snooping on sensitive data going one or both ways, it’s about being sure that what you’re receiving is from who you actually think you’re receiving it from.
Yeah, it’s also easy enough to set up that a coding website not doing it is almost embarrassing.
Indeed. See my edit on the parent comment–I noticed that the website provides commands to the user to run, which makes it ripe for MITM attacks: if the user is copying-and-pasting commands to run into their shell, those need to be served over HTTPS.