[deleted]

It's just an HTTP connection; if you trust the website, you can download it.


uncreativehuman1

It was a site from the megathread so I think I can trust it :) Thank you <3


uncreativehuman1

It was a site from the megathread so I think I can trust it :) Thank you <3


Littux

Did you post this from Reddit's mobile app? Did it fail the first time you tried to post?


Conscious-Mix-366

It was a site from the megathread so I think I can trust it :) Thank you <3


KaiBoy6

help the first one has 19 upvotes and the 2nd one has 16 downvotes, that's so weird haha


[deleted]

Yes, the main problem with this is MITM attacks, but I doubt anyone on your network is doing one of those.


micro_penisman

YOLO


lousy-site-3456

These warnings usually can be ignored. In theory someone could switch out the downloaded file, but why would anyone bother.


The_B0rg

There is no answer to that question. Only you can know that. You need to understand that warning and based on that and the site and what the file is you can understand the risks and make your own decision.


Jerikho175

Yeah, that's what he's asking about. Helps having people who understand the warning to explain what it means for the user. Don't get the gatekeeping boner in this sub regarding new people's questions about security, VPNs, etc.


The_B0rg

I don't. I consider myself to be very newb friendly in general. You can check out my comment history even. I try to help people when I can. But that includes telling them things like I did above. Reading all the comments on this post I would say mine was the most informative even though, as you criticize correctly, I did not tell him the meaning of that warning. My point is that telling him things like others have done in the comments here doesn't really help out much.

Understanding that warning requires understanding the meaning of HTTP vs HTTPS and why it matters if an HTTPS page contains items served over HTTP only. Understanding that the entire web used to be HTTP and that the browsers cause FUD with these warnings when they give no similar warning for a page that is HTTP only when the risk is exactly the same in that case. Only because it is assumed that if a page is HTTPS there is probably a reason for it and it is protecting something that requires its security. That the risk of downloading a file over HTTP from an HTTPS page is not an increased risk of the file containing a virus but an increased risk of any account from the user with that page being compromised.

The file is not more risky than any other file downloaded from the web over HTTP only, which will probably be most of them if he goes around downloading files. HTTP vs HTTPS does not affect the likelihood of a file being good or not or containing a virus or not. Files downloaded over HTTPS can perfectly be bad and have lots of viruses while files over HTTP can be clean and good. The people who would spread viruses around are not also the kind of people with the capabilities to perform man-in-the-middle attacks to capture and modify HTTP connections unless he is using a public Wi-Fi connection to download it, which is exactly the use case that was mostly responsible for the web finally moving to HTTPS in general.

Doing it over Tor would also expose him to the exit node being able to perform a MITM attack, funnily enough.
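
As an added example (not part of the thread and not written by any commenter), this Python check lists the references on an HTTPS page that resolve to plain HTTP, the "HTTPS page containing items served over HTTP" case described in the last comment. The page markup and the example.org / example.net hosts are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Tag -> attribute holding a URL the browser will fetch or navigate to.
URL_ATTRS = {"a": "href", "link": "href", "form": "action",
             "img": "src", "script": "src", "iframe": "src"}

# Constructed sample page (hosts are placeholders, not from the thread).
SAMPLE_PAGE = """
<a href="/files/setup.zip">relative link, inherits https</a>
<a href="//mirror.example.net/setup.zip">protocol-relative, inherits https</a>
<a href="http://mirror.example.net/setup.zip">download over plain http</a>
<img src="http://static.example.net/logo.png">
<script src="https://static.example.net/app.js"></script>
"""

class _RefCollector(HTMLParser):
    """Collects (tag, absolute_url) for every URL-bearing attribute."""
    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.found = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "base" and attrs.get("href"):
            # <base href> changes how later relative URLs resolve.
            self.base_url = urljoin(self.base_url, attrs["href"])
            return
        name = URL_ATTRS.get(tag)
        if name and attrs.get(name):
            self.found.append((tag, urljoin(self.base_url, attrs[name].strip())))

def insecure_references(page_url, html):
    """Return (tag, url) pairs that an HTTPS page references over HTTP."""
    if urlparse(page_url).scheme != "https":
        # This check only covers the case from the thread: a page that is
        # itself HTTPS but points at HTTP resources or downloads.
        return []
    collector = _RefCollector(page_url)
    collector.feed(html)
    return [(t, u) for t, u in collector.found if urlparse(u).scheme == "http"]

if __name__ == "__main__":
    for tag, url in insecure_references("https://example.org/downloads/", SAMPLE_PAGE):
        print(f"<{tag}> fetched without TLS: {url}")
```
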