http subversion URLs should be discontinued in favor of https URLs

Eugene Grosbein eugen at grosbein.net
Sun Dec 10 20:45:50 UTC 2017


11.12.2017 3:37, Yuri wrote:

> On 12/10/17 11:37, Eugene Grosbein wrote:
>> Hmm, you should not pass your traffic through the network operated
>> by lots of malicious operators in first place. No matter encrypted or not.
>> There are plenty of alternative ways.
> 
> 
> Modern encryption protocols allow you to send traffic over insecure networks and still maintain your security and privacy, so why not?

No, they don't. You get into MITM and then you have a choice: ignore and run your connection anyway
or have no connectivity at all (using this channel). Both are bad, so don't use such a channel from the beginning.




More information about the freebsd-security mailing list