Remix clone Hacker News

new | show | ask | jobs Github

▲

nottorp 4 days ago

> Free domain-validated fully automated HTTPS cert distribution wasn't a thing, and now it is.

Free compulsory ...

▲

warkdarrior 4 days ago | parent [-]

It is not compulsory. The browser may warn about lack of HTTPS, but that's about it.

And I won't visit such HTTP-only site since it indicates the site owner does not care to protect my (meta)data, but they probably don't want my clicks.

▲

nottorp 4 days ago | parent | next [-]

And would you think this way if they didn't spam the "accept the risk and continue" scareware?

Why is it phrased as the risk is coming from the web site, when the risk actually comes from the backbone and whoever is able to intercept your communications?

	▲	cookie_monsta 4 days ago \| parent [-]
		(paraphrasing from memory because it's a while since I've seen it) > Your connection is insecure. Information you send could be intercepted by attackers. Accept the risk and continue? Explains the problem in simple terms. Calls out the website for being lazy and careless. Gives you the option to proceed if you don't care. Why is this scareware and how would you word it?

▲

4 days ago | parent | prev [-]

[deleted]