undefined | Better HN

0 pointsrzzzt2y ago0 comments

Crypto is/could be still fine, it will still make it harder for others to see the contents of the conversation that is going on between the two machines.

What you are losing is the modicum of confidence that a website is the real deal because another party (that browser and OS manufacturers trust) took the time to, at the very least, verify ownership of the domain.

0 comments

yencabulator2y ago

Automatically trusting any cert raises the bar for attackers from passive snooping to MITM. On a home LAN/wifi, MITM is pretty much as likely as passive listening. At the very least you need TOFU (trust-on-first-use) for any kind of real attack prevention.

lodovic2y ago

The reality is that most people have unencrypted communication with their home appliances because the certificate isn't trusted.

j / k navigate · click thread line to collapse

0 pointsrzzzt2y ago0 comments

Crypto is/could be still fine, it will still make it harder for others to see the contents of the conversation that is going on between the two machines.

0 comments

yencabulator2y ago

lodovic2y ago

The reality is that most people have unencrypted communication with their home appliances because the certificate isn't trusted.

j / k navigate · click thread line to collapse