Move voluntary.net to https

[dionyziz]

The default Bitpost download happens over plain HTTP, not HTTPS. This means that a man-in-the-middle attacker on the network could trivially alter the executable binary to be a virus, potentially breaking the privacy that bitmessage claims to have, or stealing bitcoins, as many users who use bitpost also use cryptocurrencies.

The checksum on the website doesn't help, as it can also be modified in transit easily.

I understand I have the alternative of downloading releases from GitHub using https, but this is not something the average user will do.

Let's move voluntary.net to HTTPS and provide a download link to HTTPS as well. Let's have the binary SHA1 digest on an HTTPS-hosted website also.

[stevedekorte]

That sounds like a good idea. I don't trust cert authorities and there are probably easier ways (like copy cat websites) to have the same effective attack but it would be something. Maybe another contributor with more admin experience could help with setting this up on nearlyfreespeech.net.

[rnhmjoj]

Signing the binary with pgp or namecoin?

[dionyziz]

@rnhmjoj Yes, this is a separate issue addressed in #16. PKI is still useful for users with a more limited (and reasonable) threat model.

[taoeffect]

I have this concern as well. I see that the site is now HTTPS but the download is still HTTP. Both the site and the download must be secured via HTTPS for HTTPS to matter at all since most people are not going to notice or know how to check the hash at the bottom of the page.