Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

1) Browsers no longer let you (easily/ 2-click) override some ssl errors, and the overwhelming trend has been to start treating a lack of https similar to an ssl error, as far as ui goes.

2) Is this practically any different than saying newsgroups, or even bbs(?), still exist, so those avenues for free speech are viable remedies for being otherwise suppressed.




1. seems unlikely. I don't think there's any mainstream browser that presents http://myrandomsite.whatever/ as an SSL error, in the same way as, say https://google.com/ having an invalid certificate, nor is there ever likely to be.


To your first point: Firefox still lets you easily override a ssl error with 2 clicks. Go to the site, click "Advanced" and then click "Accept the risk and continue". Using the most up to date version of firefox on MacOS, Linux and Windows.


Only for certain types of ssl errors. The advanced button has been removed from some of the error pages.

*Although it's mostly been chrome. I did at least see it on Firefox while att tried to MitM errors during a recent outage.

I believe the recent att router bit-flipping issue resulted in the same.


I'm pretty sure that even FF won't let you easily override an error on a site with HSTS that presents an invalid certificate.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: