On 3/12/19, Andrey Repin wrote: > Greetings, Lee! > >>> It gives you false sense of security. What is worse, everybody is >>> attempting >>> to reassure this false sense on every possible occasion. > >> I don't think it's a false sense of security. https:// isn't "safe" >> but it is _safer_ than http:// > > Yep. Now, let's recall mcafee, norton, kaspersky, avast… and all those > other > "antiviruses" that proxy all TLS traffic through their own root certificate > proxy.
But you did that to yourself. Hopefully you evaluated the risk/reward in letting your a/v intercept everything. Or are at least aware that your a/v is intercepting everything. Altho I have a feeling most home users aren't aware of https://www.us-cert.gov/ncas/alerts/TA17-075A I haven't been paying attention - hopefully the situation has improved. Regards, Lee -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple