Had someone contact me because a browser interface was ‘down’ and it was actually a cert issue. It surprised me that in an IT context, this person didn’t have a basic understanding of SSL certs. They didn’t even know how to add a cert exception.

It got me thinking, what basic ubiquitous things am I a dumbass about outside of IT?

Ive seen lots of ‘fun facts’ compilations, but it would be better to get a wide range of subject suggestions that I can spend 30 minutes each or less on, and become a more capable human.

Like what subjects would plumbers consider basic knowledge? Chemical interactions between cleaning products and PVC pipes?

What would an accountant or a landscaper consider to be so basic its shocking people can live their lives without knowing any of it?

For most areas of expertise, its difficult to know even what the basics are to start with.

  • overcast5348@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    9 months ago

    ELI5 of certificates:

    The “s” in “https” in urls like “https://wikipedia.com” stands for “Secure”.

    When you connect to Wikipedia’s computer to read something, how do you know if the content you get back is what they actually sent and wasn’t altered by your friendly neighborhood hacker?

    Wikipedia can “sign” the content before sending it you. They also give you a certificate telling you how they have a particular signature which has been verified by someone else whom you already trust, and how long this particular signature is valid for.

    If a hacker tries to alter the document returned by Wikipedia, they wouldn’t be able to sign the document correctly. If they tried to give a certificate with a different signature too, you would catch it because they wouldn’t be able to fake the verification of the “someone you trust” so you’d catch the fake certificate.

    Browsers handle all this stuff for us. If it detects something fishy, it’ll just show an error along the lines of “could not verify certificate”. In some cases, it’s genuinely an issue where you/the website is under attack and you may get a virus.

    In some other cases though, it’s an issue of the certificate expiring and the guys at Wikipedia not being proactive about getting a new signature and certificate. If you are ABSOLUTELY CERTAIN that you’re just dealing with a lazy developer and not a malicious hacker, you can tell your browser to ignore whatever issue it detected and show you the content that was returned by Wikipedia.

    Thanks for attending my TEDx talk.