Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Note that these pages are not served via https, and neither is the donations page[1] which contains links to Paypal.

This has been pointed out from time to time on the openbsd "misc" email list but I've never seen a good explanation for why these pages are not secure.

[1] http://www.openbsdfoundation.org/donations.html



I am not related to the OpenBSD team, but just dropped a mail for them and in a few hours I can reach it via HTTPS:

https://www.openbsdfoundation.org/donations.html

awesome people :)


The PayPal links are https


Doesn't matter. Nothing can be trusted on a plain HTTP page.

It's quite inexcusable today that setting up a certificate is such an inexpensive and easy thing with Let's Encrypt.


Agreed. What world are people living in when they present payment links on an insecure page in 2018? Um, no dude. I'm not going to click on your link now, nor will I ever. Byyye.


The parent made it sound like the PayPal links were also http




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: