|
| ▲ | jayct 6 hours ago | parent | next [-] |
| that could easily be trojan-horsed with links to malware if you are viewing it in a poorly secured setting (like public wifi), because you can't verify the origin. so the best we can say about the author is that we are getting inconsistent signals on how seriously they understand and implement security concerns. so better review that code carefully before use, rather than assuming their expertise from release notes. |
|
| ▲ | ccapitalK 2 hours ago | parent | prev | next [-] |
| Obligatory https://doesmysiteneedhttps.com/ |
|
| ▲ | Retr0id 6 hours ago | parent | prev [-] |
| TLS certs are freeeeee |
| |
| ▲ | radiator 6 hours ago | parent [-] | | Judging from this very release, where he implemented support for page-level checksums and encryption for LMBD, I assume the author knows a thing or two about encryption. He probably then deemed it unnecessary for this specific website. | | |
| ▲ | Retr0id 6 hours ago | parent | next [-] | | Cryptography engineers are not excluded from being lazy sysadmins. | | |
| ▲ | radiator 6 hours ago | parent [-] | | What do you mean "lazy"? I thought you said TLS certs were free. Do you mean they cost something after all? Time, for example? Anyway, of course in case you feel the website is a risk, you should refrain from using it. Safety comes first. |
| |
| ▲ | 6 hours ago | parent | prev [-] | | [deleted] |
|
|