How to read Qubes OS' website
@espectalll @micahflee Hmm, yes, I suppose it's possible some Qubes users will actually do that.
But, more generally, it does show a rather gaping hole in standard web infrastructure in that there's no general mechanism to convey and check the original author's signature on web pages.
@edavies @espectalll @micahflee wellllll... there's SSL...
this basically allows end-to-end encryption to the hosting server.
But you're right that this doesn't validify the contents.
@upshotknothole @edavies @micahflee I certainly was going to address that. Keep in mind you have to rely on COMODO's certificates and not be fooled by the TLS certificate being replaced in some form of MiTM. But it is a rare issue, just one to be aware of when needed.
Otherwise, I absolutely agree, but keep in mind marketing has a huge role here. I mean, they claim to do "a reasonably secure OS". It better be reasonably secure... for the target audience.
