You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I don't see a point using HTTPS everywhere, when I am just consuming content.
And for making transactions, HTTPS is not enough.
You can acquire a certificate easily these days. So many people are happy to sign in to https://paypaI.com (with uppercase i) and give away their credentials, just because it says "secure" . HTTPS doesn't mean the page is secure or not abusing your data for something else. At best it will securely transmit your data to attackers.
I would love to add to this point that HTTPS is a good first step, but it doesn't prevent attackers from getting your data. You need to deliberately inspect what the website is offering and apply common sense. This would be a perfect place to link to the Sensible Computing part.
The text was updated successfully, but these errors were encountered:
Objectively speaking, not a single one of these steps is enough- it's when they are all used in combination with each other, when you start to strengthen your defences. But I do agree that this should be clearer.
Also your point about HTTPS is very true, and I wouldn't like the reader to get the impression that they can just use HTTPS or something, and then automatically be safe.
So I added an entry into the Sensible Computingsection, in commit f69585e. But feel free to edit it or add anything else in a PR - Cheers for the suggestion 🙌
I don't see a point using HTTPS everywhere, when I am just consuming content.
And for making transactions, HTTPS is not enough.
You can acquire a certificate easily these days. So many people are happy to sign in to https://paypaI.com (with uppercase i) and give away their credentials, just because it says "secure" . HTTPS doesn't mean the page is secure or not abusing your data for something else. At best it will securely transmit your data to attackers.
I would love to add to this point that HTTPS is a good first step, but it doesn't prevent attackers from getting your data. You need to deliberately inspect what the website is offering and apply common sense. This would be a perfect place to link to the
Sensible Computing
part.The text was updated successfully, but these errors were encountered: