Excuse me google- why do you think it is alright to run antivirus scan on my personal files because I installed a web browser?pic.twitter.com/ZMa7aQ5xeV
Show this thread
-
I don't think SSL would get you anything of value in this specific instance: 1) authenticating data, as
@EOSkyfail pointed out for Debian, is implied by the hash 2) confidentiality is a nonproblem (you're downloading a delta update for a popular browser, so what)
What about an attacker injecting packets that will disrupt any updates? confidentiality is not only about the sick porn you watch- knowledge about what software is running is a good first step for a attack.
-
-
A DoS is an attack, true that, but disruption is possible even with SSL. Also true that info about software can be a good first step in an attack, but knowing that you have Chrome version ∈ [latest - 5, ..., latest - 1] gives you very little information you didn't have before
-
yarh yarh- nothing is black/white, pros and cons, most security for least effort etc. I just merely stated I was surprised- that is all :)
End of conversation
New conversation -
-
-
This Tweet is unavailable.
-
In general, I think you're right. Plain http is almost never a good idea, it makes mistakes easier and more dangerous. Playing devil advocate here tho: why it isn't that bad *in this specific instance*. I think that chrome version could be inferred by delta size, even with SSL
- Show replies
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.