People have been constantly told to trust the padlock next to URLs. It used to be, until recently, proof that the site was legit and that you shouldn't be afraid to give it your personal info.
Now, thanks to open source/Linux activists, any moron with a toast connected to the Internet can get themselves a padlock for their scam sites, putting all the personal and bank info of billions of people at risk.
Proof: pic-related.
>lives
>>59938159
You can get this for BSD too.
Also comodo give away certs too.
>>59938159
This has nothing to do with open source, your gripe is with Let's Encrypt being accepted as a valid certificate authority on par with other (theoretically) more "serious" authorities, or really people incorrectly telling others that the "padlock" means they must be connected to the server they intended to connect to.
This is basically caused by web browsers showing those "THIS CONNECTION IS UNSECURE!!!!" messages when connecting to an HTTPS site with a self-signed certificate, even HTTP is even less secure and gets no warnings. To get around that you need a free, no hassle certificate authority, which then defeats the purpose of CAs if all CAs are considered equal.
In other words, it's not a "libre" (FOSS) problem, it's a "gratis" problem. Having "tiers" of CAs, free ones vs. paid and (theoretically) more trustworthy ones, could provide a quick fix to your problem, but the long-term fix as ever is to educate people and not tell them patently incorrect information like "The padlock icon means you're completely safe."
>>59938517
"the problem isn't the nazis. it's nazism"
>>59938635
/thread
>>59938159
>putting all the personal and bank info of billions of people at risk.
anyone falling for shit like this fucking deserved it my man.
>>59938159
>paypal.com.removed-limits.com