http subversion URLs should be discontinued in favor of https URLs
Franco Fichtner
franco at lastsummer.de
Sun Dec 10 20:52:42 UTC 2017
> On 10. Dec 2017, at 9:45 PM, Eugene Grosbein <eugen at grosbein.net> wrote:
>
> 11.12.2017 3:37, Yuri wrote:
>
>> On 12/10/17 11:37, Eugene Grosbein wrote:
>>> Hmm, you should not pass your traffic through the network operated
>>> by lots of malicious operators in first place. No matter encrypted or not.
>>> There are plenty of alternative ways.
>>
>>
>> Modern encryption protocols allow you to send traffic over insecure networks and still maintain your security and privacy, so why not?
>
> No, they don't. You get into MITM and then you have a choice: ignore and run your connection anyway
> or have no connectivity at all (using this channel). Both are bad, so don't use such a channel from the beginning.
You deconstructed the point you tried to make:
With HTTP MITM you don't have a choice. ;)
Cheers,
Franco
More information about the freebsd-security
mailing list