mle@feddit.detoTechnology@lemmy.world•Welp that answers a lot of why all .ml are downEnglish
8·
1 year agoYes, but it is very quick and cheap to get a domain validated cert from a CA that is generally trusted by most web browsers, so once the bad actor has the domain, the should be able to trick most users, only maybe certificate pinning might help, but that is not widely used.
For some great irony check out this wan show segment where linus talks about how he doesn’t like that a prototype (backpack) of theirs ended up in the hands of the public https://www.youtube.com/watch?v=EwgZaSYuBLc&t=3209 Time 53:29, in case the timestamped link doesn’t work