this post was submitted on 05 Apr 2024
276 points (86.3% liked)

Technology

59204 readers
3707 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

cross-posted from: https://lemmy.ml/post/14100831

"No, seriously. All those things Google couldn't find anymore? Top of the search pile. Queries that generated pages of spam in Google results? Fucking pristine on Kagi – the right answers, over and ov

you are viewing a single comment's thread
view the rest of the comments
[–] pixxelkick@lemmy.world 1 points 7 months ago (1 children)

If a website has literally no login system, there's nothing to phish.

There is honestly no reason to use SSL on a static website that has no login system and just displays some content.

IE a static blog or etc, where the only content on the website is just "look at this stuff, okay thank you!"

[–] Bogasse@lemmy.ml 1 points 7 months ago

That's still my point, for example you could inject your own login system "create an account to keep track of your favorite artists, or some new shiny feature". For there you can get people's personal information, potentially a password they use on other services.

An URL is something the general public will trust, if the content can be messed with you repurpose the website's reputation. I took phishing as an example but even my not-so-creative and non-expert brain can think of other things : asking for donations, propaganda, advertising, censorship, ...