You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thank you for this wonderful app. I have just found it on F-droid. What about an option for "HTTPS-only mode" with a self-signed certificate, to hide the file and the handshake (User-Agent) to passive listeners?
It is ineffective against active or targeted attacks, which I assume not to be an issue anyway, for a user of this very simple app. So I'd not care to check the fingerprint. But the encryption still rules out a class of attacks.
The text was updated successfully, but these errors were encountered:
This app is 99.99% of the time used within the internal network.
And HTTPS would prevent man in the middle, not leakage of data. I am not concern about MITM attack in my LAN.
But the cert would not be signed and it would probably not match the IP address. So the browser would issue a huge amount of warnings.
I don't see a problem being solved here. Sorry.
That being said, please feel free to send a pull request.
Thank you for this wonderful app. I have just found it on F-droid. What about an option for "HTTPS-only mode" with a self-signed certificate, to hide the file and the handshake (User-Agent) to passive listeners?
It is ineffective against active or targeted attacks, which I assume not to be an issue anyway, for a user of this very simple app. So I'd not care to check the fingerprint. But the encryption still rules out a class of attacks.
The text was updated successfully, but these errors were encountered: