On August 5, 2022 3:30:57 PM AKDT, Peter <[email protected]> wrote: >The main site doesn't currently support https but the repositories do, also >all packages are cryptographically signed and the signing keys are served off >of a secure server. > >The info on the site is public information that doesn't really need to be >secure. > In which case any actual content on the said site becomes injected with ultra-persistent linux-targeted adware, spyware, and pop-ups by any given third party in transit, which craps up my phone and slows down my desktop browser to a crawl, and then I have to update my adblocker, re-up all my security settings and fix all the other things that break due to spam malicious advertising on the internet. Plain old http is simply maddening these days. Leave the front door wide open for online hustlers and thieves, yeah, some people have bank accounts or manage actual money on their computers.
I would highly encourage a use of basic https all around: certbot/letsencrypt is currently free and there are many other low-cost options for https in conjunction with any given hosting service or platform. -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
