Not sure if this is the right place, but even though this forum and the main Linux Mint web site are now all HTTPS, for some reason, the Linux Mint Blog is not. Any particular reason?
http://blog.linuxmint.com/
"Linux Mint Blog" Not HTTPS
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
-
- Level 3
- Posts: 155
- Joined: Thu Sep 10, 2015 9:29 pm
"Linux Mint Blog" Not HTTPS
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Currently running on Linux Mint 20.1 Cinnamon
Re: "Linux Mint Blog" Not HTTPS
HTTPS works but it breaks the theme of the website. I think this one is still on the todo list. Like all our websites, it is protected from malware and attacks by Sucuri though.
Re: "Linux Mint Blog" Not HTTPS
The repositories should be in https, i think this is a security breach more important than blogs, man in the middle is so bad things, imagine if someone will redirect a kernel update with a malicious one and so
Re: "Linux Mint Blog" Not HTTPS
https for the repositories is not really relevant. All the packages and updates are cryptographically signed by the developers and before any package or update is installed it is verified to originate from the developers and to not have been tampered with.niubboxp wrote:The repositories should be in https, i think this is a security breach more important than blogs, man in the middle is so bad things, imagine if someone will redirect a kernel update with a malicious one and so
https is relevant to keep transmitted data private, after establishing a connection to a URL. As such whether you use http or https, anybody snooping on your connection can see which package or update you are retrieving as the URL itself is transmitted in clear text.