Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

There is little excuse[1] for such a website to not employ TSL encryption of all traffic.

I can't even imagine the size of the TLA database containing <"evil" page visited>: <ip of visitor> records at this point.

1. https://letsencrypt.org/



TLS does not hide your IP address or that of the hosting server. If the powers that be want to know if you've visitied ttip-leaks.org, they will know regardless of whether TLS was employed.

As an aside, many web servers also log details of GET and POST requests - e.g. the visitor's IP address and the page they visited.


I agree that TLS would be nice, but it doesn't hide the fact that you've visited www.ttip-leaks.org




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: