Comment on How to selfhost with a VPN
possiblylinux127@lemmy.zip 1 week agoHow so?
Data send back isn’t validated so someone could tamper with the data. A bad actor could add soke arbittary Javascript plus ISPs have been caught inserting marketing materials into pages.
From a privacy perspective it is also bad as not only does it include your user agent in plain text it doesn’t have any encryption on page contents which allows your ISP to snoop on what you are doing.
All of these reasons are while we moved to https. X.509 certs are free and trivial to setup with Caddy or any other Reverse proxy/web server.
null_dot@lemmy.dbzer0.com 6 days ago
Do you really think someone is going to set up a MITM attack for the dozen people who visit this blog?
possiblylinux127@lemmy.zip 6 days ago
No, but governments and ISPs can and have historically done so for all http traffic.
It doesn’t matter the page. They just care about http.
missfrizzle@discuss.tchncs.de 6 days ago
specifically this is how QUANTUMINSERT worked (from the Snowden leaks.)
possiblylinux127@lemmy.zip 6 days ago
To add to this, a whole lot of places have been compromised in the salt typhoon attacks. China has compromised infrastructure all over the place including ISP hardware.