[ what / sjis / test-php ]

/what/ -...

Password (For file deletion.)

File: 1596179056968.jpg (154.63 KB,1000x865,1573592335570.jpg) iqdb




me laughing at sockmin for using a self signed cert and not redirecting 80 to 443


Marisa saying "へー…マジー?


File: 1596183058425.png (660.71 KB,600x600,1366838150233.png) iqdb

I'd redirect to 443 if modern browsers didn't give scary warnings over self-signed certs.


File: 1596183351156.png (538.21 KB,1918x1082,wat.png) iqdb



File: 1596186200859.jpg (506.36 KB,1440x900,tidusmac.jpg) iqdb

I can set my self-signed certificate to expire whenever I want.

So I chose 2 decades in the future, happened to be 2037 at the time.

Also you can see it's using TLS 1.3

Completely standard and functional encryption, the point of HTTPS still fully works, no one can see anything you send or receive between /what/ and your computer, except /what/'s server and you.


thanks watmin
based web nerd


tidus hungers for desktops


File: 1596191108949.png (1.83 KB,250x92,Untitled.png) iqdb

my number is a bit different to yours….


whatmin doesn't really know what a MITM attack is yet, so he doesn't really understand what risks there are with self-signed certificates.

However, most of this risk could be mitigated if he, for example, put the fingerprint of the certificate up in the header somewhere or something. It doesn't have to be complicated. That way, if you're paranoid, you can view the cert's fingerprint and compare it to the one that whatmin has published.

<> but how do you know that whatmin published the fingerprint?? what if someone hackered in the middle and use a different cert and then also hackered /what/ and changed the fingerprint that's displayed???

you just hab tobleave


He's so dumb it's probably easy to hack him


or just use lets encrypt…


/what/min fix this shit before an attacker steals my /what/ credentials!!

[Return][Go to top][Catalog][Post a Reply]
Delete Post [ ]
[ what / sjis / test-php ]