Certificate pinning?
Also all let’s encrypt certs are public. So if someone malicious gets a cert for your domain, you can notice.
(Thats also why it may be a bad idea to use that for secretButPublicStuff.Yourdomain.com certificate transparency logs are a great way to find attack surface.)
edit oh certificate pinning has been deprecated in favor of checking transparency logs.
Note: every file on Ipfs is unencrypted and semi-public unless you encrypt before upload.
It is not a problem to distribute the decryption algorithm. The question remains against what this will protect. Normal https encrypts the traffic safely during transit. With this, the data is also encrypted on the server. But if you can access the server, you can modify the javascript code to send the password back to a server.
It could be used on something like IPFS, where all data is basically public but you can be sure it hasn’t been modified.
Aren’t all (most?) those centralized services? What good is having the app if the service is unavailable? Tox, Jamie and Veilidchat are fully decentralized, not just federated, fully decentralized. They come with their own downsides though…
For how long though? How do you know these are real people?
Imo the most important thing is the separation of what you do. If you’re logged in on facebook, you can do that from your public ip. Anything you’re not associated with your name you want to use a diffferent browser identity and maybe a different ip.
If you use Torrents or do anything illegal or whistleblowing or similar stuff, use a live linux iso with no persistence and a vpn bought with monero.
Soo they added webp and AV1, which aren’t that much better then old jpeg, especially with the modern jpeg encoder JpegLi. But JpegXL is out of the question.
Those examples all have a good reason that does not apply here. Browsers already support multiple formats and added a few in the last decade.
If qbits double every year, we’re at 20 million in 15 years. Changing crypto takes a very long time on some systems. If we’re at ~20000 in 5 years, we better have usable post quantum in place to start mitigations.
But I’m not convinced yet, we’ll have those numbers then. Especially error free qbits…