stolen from linux memes at Deltachat

  • Chobbes@lemmy.world
    link
    fedilink
    arrow-up
    6
    arrow-down
    1
    ·
    1 year ago

    I mean… I would consider anywhere that you might download software from sensitive. This isn’t really a smart move. And sure, the mirror’s page they link to uses https, but if the regular site doesn’t a man-in-the-middle could change the url and serve an official looking malicious version… I wouldn’t consider putting your users at an elevated risk when it’s relatively easy to set up TLS “a smart move”.

    • interceder270@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      but if the regular site doesn’t a man-in-the-middle could change the url and serve an official looking malicious version

      What do you think is stopping someone from doing this?