HackerTrans
TopNewTrendsCommentsPastAskShowJobs

sdefresne

no profile record

comments

sdefresne
·ปีที่แล้ว·discuss
It looks like IP addresses are considered PII by GDPR:

https://gdpr.eu/eu-gdpr-personal-data/

They are explicitly listed as example of PII.
sdefresne
·2 ปีที่แล้ว·discuss
Those are minor if certificates errors are not ignored.

Since the original issue is that the ssl errors are ignored, then all those https downloads are downgraded to http downloads in practice (no need to mitm to attack).

Or to say it another way, due to ignoring ssl errors, all those https urls were giving a wrong sense of security as reviewers would think them secure when they were not (due to lack of validation of ssl).