Thread: Why no https???
View Single Post
  #4   (View Single Post)  
Old 31st August 2018
rons's Avatar
rons rons is offline
Join Date: Oct 2015
Posts: 55

Originally Posted by Beastie View Post
Probably not, but it would still be preferable to encrypt the log in process/cookie data.
With an unencrypted connection it's easier for an interloper to do an MITM exploit - and transmit malware, etc. Really, it's not even an exploit of any consequence when the stream is http - pretty easy. It doesn't seem to me that it'd be much more of a maintenance issue to add the secure https server to the site.

I come here occasionally because NetBSD doesn't really have a forum of its own. But I always think to myself when I visit, "Oops, I'm going to be http again."
Reply With Quote