You think your data is secure with HTTPS? There’s always an undisclosed vulnerability somewhere.
Patches solve specific issues but they do nothing for overall security.
I don’t think there is any vulnerability in https. There are know limitations but https itself is fine. If you are talking about TLS vulnerabilities then we have much more to worry about. To compromise the content on a page someone would have to brute force TLS very fast which isn’t feasible with today’s computer. Today’s computer would take at least a few million years. But I have scene estimates that say long past the heat death of the universe.
Even if https was full of holes it still would be better than http. Http has zero tamper protections or encryption. Companies like AT&T used to tamper with traffic to various purposes and it was feasible for them to do so.
TLS 1.0 was released in 1999 as an upgrade from SSL 2.0 and 3.0.
And these days we’re on v1.3 - https://www.cloudflare.com/learning/ssl/why-use-tls-1.3/
Notice anything? There’s always a flaw. The general public hasn’t discovered it in TLS1.3…yet
And again, Banking websites, some stuff makes a lot of sense to use encryption.
Just not everywhere.
Oh look, we’ve found a security ‘researcher’. Mad that your job only consists of making other people’s job harder?
Try the DMV, that’s also a great place to work where you can inflict misery on others.
Valuable zero days aren’t exposed. They’re sold. If someone wants your data they will get it. HTTPS means nothing except huge amounts of wasted CPU cycles and energy.
