Hacker News new | past | comments | ask | show | jobs | submit login

Firefox (firefox-esr on Debian stable / Bookworm, latest package version) gives me for the first time:

    Warning: Potential Security Risk Ahead

    Firefox detected a potential security threat and did not continue to paulgraham.com.
Certificate validity dates looks good (so does my computer's date).

Anybody else got some similar error?




The fact that this site doesn't serve HTTPS(correctly) remains a head-scratcher for me.

The certificate isn't valid for paulgraham.com, hence the error. It is valid for *.store.turbify.com, among other SANs, which seems to indicate that the site is hosted by Yahoo[0] and has HTTPS misconfigured.

[0]: https://login.yahoosmallbusiness.com


In the 90s Paul Graham was one of the creators of Viaweb, which Yahoo brought and became Yahoo Store. Perhaps there's a link?


The link is http. I assume there is no hsts, so i think the more interesting question is why firefox would load it over https?


Yeah it's weird: I've got my Firefox configured to never load HTTP sites but I'm too sure why it then tries to load the HTTPS one when a HTTP URL is given.


Yes, same with HTTPS Everywhere in Chrome.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: