(twitter.com)

475 points danielstocks | 1 comments | 27 May 21 10:28 UTC | HN request time: 0.236s | source

Show context

paxys ◴[27 May 21 15:09 UTC] No.27304033[source]▶

>>27301219 (OP) #

Having at least authenticated sections of your site use HTTPS was standard well before 2011.

replies(5): >>27304324 #>>27304427 #>>27305411 #>>27307048 #>>27307466 #

tl ◴[27 May 21 15:43 UTC] No.27304427[source]▶

>>27304033 #

Let's Encrypt started in 2014 to address HTTP overuse.

In 2011, I (in-house corp app dev) was still stuck with HTTP services (behind a firewall, accessible only via VPN).

In 2014, public facing mobile apps using HTTP was prevalent enough to prompt name and shame campaigns. [1] My fuzzy memory suggests some banks were still using HTTP.

[1] https://arstechnica.com/information-technology/2014/08/new-w...

replies(4): >>27304815 #>>27304833 #>>27307101 #>>27307439 #

1. birdyrooster ◴[27 May 21 19:28 UTC] No.27307101[source]▶

>>27304427 #

Let’s encrypt came way way late to the party. We had been banging the drum for 20 years by then.

↑

Klarna users are being signed in to random accounts