So this video explains how https works. What I don’t get is what if a hacker in the middle pretended to be the server and provided me with the box and the public key. wouldn’t he be able to decrypt the message with his private key? I’m not a tech expert, but just curious and trying to learn.

  • zeluko
    link
    fedilink
    46 months ago

    Thats why we have HSTS and HSTS preloading, so the browser refuses to allow this (and disabling it is usually alot deeper to find than a simple button to “continue anyways”)

    • @IHawkMike
      link
      English
      26 months ago

      In Chromium browsers you can simply type “thisisunsafe” to bypass even HSTS failures.