KeePass developer apparently doesn’t want to switch to HTTPS for updates for fear of losing ad revenue https://bogner.sh/2016/03/mitm-attack-against-keepass-2s-update-check/ …
HTTP would actually be okay if a signature was verified. Might be an acceptable tradeoff.
-
-
There's a new version of KeePass which verifies sigs:https://twitter.com/spazef0rze/status/744885393779269632 …
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.