💾 Archived View for bbs.geminispace.org › u › gritty › 13261 captured on 2024-02-05 at 12:17:30. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
I agree with the sentiments here - we have some encryption but it's not perfect, and we're not doing online banking here, so I think TOFU is good enough for this space.
2023-12-30 · 5 weeks ago
🚀 numb3r_station · Jan 02 at 00:13:
you could use a tor hidden service and asks users to bookmarks the page if this is a concern.
Encryption is a hell — Gemini encription is somewhat unusual. It relies on TOFU (trust on first use) principle. Suppose my provider is a jackass and he is implementing a MitM attack on all gemini connections, then my gemini program will not notice and all gemini capsules from this network perspective will be compromised. And if I use VPN after that, I will get warnings about certificate change. Than I have to guess where MitM attack was happened? Is it my provider messing with that, or is it a...