Open in app

Sign in

Write

Sign in

Not even the second one?
3

SouthpawPoet

Where Angels Fear
1 min readJul 8, 2021

--

N.B.

It's 2021 and there is long since no excuse for any service or site being delivered via http any more - https is not a new protocol.

Whilst it's true that an https connection is no guarantee that the sire/service is not itself nefarious, it does not inspire me with confidence when I see a site/service or component delivered via http this late in the game — if you're providing the thing yourself, or making use of it as a third-party component of your own site/service at this stage, what else do you have a casual disregard for by way of security?

cosmicwaves.ru is delivered via https itself, but it links out to stream.zeno.fm by way of http ... which is concerning: zeno.fm may itself be fine but you've no way of knowing if the data hasn't been intercepted before it reaches you — and browsers are the single largest attack vector there is.

It's probably fine ... probably ... but be wary.

--

--

Where Angels Fear
Where Angels Fear

Written by Where Angels Fear

452 Followers
247 Following

There he goes. One of God's own prototypes. A high-powered mutant of some kind never even considered for mass production. Too weird to live and too rare to die.

Responses (1)

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams