126
submitted 9 months ago by luthis@lemmy.nz to c/asklemmy@lemmy.ml

Had someone contact me because a browser interface was 'down' and it was actually a cert issue. It surprised me that in an IT context, this person didn't have a basic understanding of SSL certs. They didn't even know how to add a cert exception.

It got me thinking, what basic ubiquitous things am I a dumbass about outside of IT?

Ive seen lots of 'fun facts' compilations, but it would be better to get a wide range of subject suggestions that I can spend 30 minutes each or less on, and become a more capable human.

Like what subjects would plumbers consider basic knowledge? Chemical interactions between cleaning products and PVC pipes?

What would an accountant or a landscaper consider to be so basic its shocking people can live their lives without knowing any of it?

For most areas of expertise, its difficult to know even what the basics are to start with.

you are viewing a single comment's thread
view the rest of the comments
[-] overcast5348@lemmy.world 5 points 9 months ago

ELI5 of certificates:

The "s" in "https" in urls like "https://wikipedia.com" stands for "Secure".

When you connect to Wikipedia's computer to read something, how do you know if the content you get back is what they actually sent and wasn't altered by your friendly neighborhood hacker?

Wikipedia can "sign" the content before sending it you. They also give you a certificate telling you how they have a particular signature which has been verified by someone else whom you already trust, and how long this particular signature is valid for.

If a hacker tries to alter the document returned by Wikipedia, they wouldn't be able to sign the document correctly. If they tried to give a certificate with a different signature too, you would catch it because they wouldn't be able to fake the verification of the "someone you trust" so you'd catch the fake certificate.

Browsers handle all this stuff for us. If it detects something fishy, it'll just show an error along the lines of "could not verify certificate". In some cases, it's genuinely an issue where you/the website is under attack and you may get a virus.

In some other cases though, it's an issue of the certificate expiring and the guys at Wikipedia not being proactive about getting a new signature and certificate. If you are ABSOLUTELY CERTAIN that you're just dealing with a lazy developer and not a malicious hacker, you can tell your browser to ignore whatever issue it detected and show you the content that was returned by Wikipedia.

Thanks for attending my TEDx talk.

this post was submitted on 29 Feb 2024
126 points (95.0% liked)

Asklemmy

43982 readers
757 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS