Hacker News new | past | comments | ask | show | jobs | submit login

You can (try) to restrict your browsing to HTTPS sites only.

But it's very difficult to ensure that all the communications your device is making (background services, vendor apps...) go through that channel.




If only there were some certification body that ran an App Store with rules against unencrypted traffic...


This issue is two-fold right. You can install plugins that force SSL client side (on the main site and any AJAX calls thereafter) but like you said you have no idea what calls that site is making server side. They could be sending everything you send them over plaintext after the initial TLS secured request. Rough times.


Luckily, the servers past the initial SSL link won’t be using wifi, so at least you won’t be any worse off than before.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: