undefined | Better HN

0 pointsstefan_5y ago0 comments

Why as a vendor would you use a self-signed certificate that causes the browser to scream at the customer when you could just not use TLS, plain old HTTP.

0 comments

tialaramex5y ago

Some features require Secure Context. Browsers just don't enable those features in a context that isn't secure (HTTP is only considered "secure" on the loopback network to your own machine). If it's a Javascript API it returns an error, if it's an HTML or HTTP feature it doesn't work. "Here's a nickel kid, get yourself a secure context".

Both Chrome / Chromium and Firefox have explicitly set policy that new features (as opposed to tidier ways to do things that already exist like DOM improvements) will require Secure Context, and there's already a weak assumption that even some tidying up will go into secure context when the rationale for not doing so is shaky (e.g. some of the web crypto features that needn't technically require Secure Context do anyway).

stefan_OP5y ago

I mean yes, browsers have amply demonstrated they don't care about secure local device communication at all. Mostly from ignorance and disinterest. It's their loss, just means everyone has to install an app or that smart lightbulb only talks to the vendor cloud.

PersonalOps5y ago

Because the alternative is to embed a TLS private key that would allow you to MITM every other one of those devices. Someone extracted it? Looks like you have to either (a) bury your head in the sand or (b) rollout an expensive recall to change certs on those devices.

Why use slightly compromised HTTPS versus plaintext HTTP? Same reason they have those super cheap locks on diaries from the 90s: it's a deterrent. Makes it a little harder to do a bad thing.

stefan_OP5y ago

You have already answered why no one in their right mind would embed a shared certificate across all devices. I don't think you are being realistic with yourself when you believe people use self-signed certificates; they don't.

You are missing what happens instead. There is just simply no web management interface on the device anymore. You need to download the vendors app to configure and use the device. Maybe, if the vendor cares, they use their own CA to secure a local connection to the device. Much more likely, the app and device exclusively talk to their cloud and use that as a middleman to exchange information.

andrewnicolalde5y ago

But it also makes it a little harder for the user to do what they want too because they have to click through a (correctly) scary-looking security warning.

j / k navigate · click thread line to collapse

0 comments

tialaramex5y ago

stefan_OP5y ago

PersonalOps5y ago

Why use slightly compromised HTTPS versus plaintext HTTP? Same reason they have those super cheap locks on diaries from the 90s: it's a deterrent. Makes it a little harder to do a bad thing.

stefan_OP5y ago

andrewnicolalde5y ago

But it also makes it a little harder for the user to do what they want too because they have to click through a (correctly) scary-looking security warning.

j / k navigate · click thread line to collapse