On 2022-09-01 18:53, Илья Шипицин wrote:
that website provides some non confidential documentation. neither it asks you for login/password or payment details.there's nothing wrong with http on such websites.
There are download links without an obvious way to check for their integrity. HTTPS would at least protect against simple man in the middle. Or links should be to directory (but an attacker could hide the fact there are hash for the files then).
