@Wolf480pl @ayo That's fair. :) Users and servers that might be more susceptible to these kinds of attacks probably should be using HTTPS (and other methods for verification and security). For a personal, self-run blogging site I imagine it would be less of an issue if HTTPS were made optional.

@Wolf480pl @ayo (Note that I'm not /against/ the use of HTTPS in most cases, I'm just not totally convinced that it's necessary in every single case. I'm also not convinced that removing HTTP as an option is necessary unless downgrade attacks are a real concern.)

@Wolf480pl @ayo Both of those scenarios are theoretically possible, but how likely are they? The attacker would have to know which site (or sites) I'm going to visit to get that information. And if they are modifying the outgoing content for other users, surely someone would notice an issue with the incorrect information. Right? It just seems like there are easier and more viable ways of making me late or phishing for my information.

@Wolf480pl @ayo That's certainly valid for downloadable programs (which could be verified with a hash anyway) or account information. Is there any gain in spoofing things over the wire that are public and verifiable, such as reference material?

@Wolf480pl @ayo I can see why it might not be necessary in some situations like accessing public information that doesn't require any kind of personal info from the user. An admittedly niche case might be a public code repository cross reference, where https could slow things down noticeably.

If you're an indie game dev, do yourself and your fans a favor and stay away from Stadia exclusives. No matter how much Google pays you, it's not worth it.

@kaniini I'm curious about how the Pleroma chat thingy works. Is it an internal IRC/XMPP service?

Pol - 

Someone installed Google Chrome on some of our dev servers.

I uninstalled it with EXTREME prejudice.

Meta "Drama" and "Cancel Culture" 

Meta "Drama" and "Cancel Culture" 

Show more

Chitter is a social network fostering a friendly, inclusive, and incredibly soft community.