azertyfun

@azertyfun@sh.itjust.works

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨PlayStation To Delete A Ton Of TV Shows Users Already Paid For⁩ ⁨⁨11⁩ ⁨months⁩ ago⁩:
(Within the limits of IP laws. In some countries, making a personal backup of a DVD is an illegal act. Breaking DRM to do so may be a separate illegal act, again depending on jurisdiction. Neither is immoral of course, but that doesn’t stop lawmakers and judges from kissing the slimy boots of corporate lobbyists.)
⁨Comment⁩ on ⁨Local pop radio station is using its metadata to spread anti Biden propaganda⁩ ⁨⁨11⁩ ⁨months⁩ ago⁩:
HSTS + HTTPS redirect is the answer. It’s industry standard for a reason: it’s just as safe as pure HTTPS since you can’t get anything other than a redirect over HTTP, and HSTS protects your users from future attempted MITM attacks. The MDN page for HSTS explains it all very clearly.

Any other implementation is an immediate audit fail in my experience.

There’s no tangible security benefit to fully disabling port 80, and if anything depending on the service it may just drive users away to shadier alternatives.