<!--
- Copyright © 2017 Soren Stoutner <soren@stoutner.com>.
+ Copyright © 2017-2020,2022 Soren Stoutner <soren@stoutner.com>.
- This file is part of Privacy Browser <https://www.stoutner.com/privacy-browser>.
+ This file is part of Privacy Browser Android <https://www.stoutner.com/privacy-browser-android>.
- Privacy Browser is free software: you can redistribute it and/or modify
+ Privacy Browser Android is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
- Privacy Browser is distributed in the hope that it will be useful,
+ Privacy Browser Android is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with Privacy Browser. If not, see <http://www.gnu.org/licenses/>. -->
+ along with Privacy Browser Android. If not, see <http://www.gnu.org/licenses/>. -->
<html>
<head>
<meta charset="UTF-8">
- <style>
- h3 {
- color: 0D4781;
- }
- img.title {
- vertical-align: bottom;
- height: 32;
- width: 32;
- }
+ <link rel="stylesheet" href="../css/theme.css">
- img.center {
- display: block;
- margin-left: auto;
- margin-right: auto;
- height: 640;
- width: 360;
- }
- </style>
+ <!-- Setting the color scheme instructs the WebView to respect `prefers-color-scheme` @media CSS. -->
+ <meta name="color-scheme" content="light dark">
</head>
<body>
- <h3><img class="title" src="images/ic_vpn_lock_dark_blue.png"> Connect with Confidence</h3>
+ <h3><svg class="header"><use href="../shared_images/vpn_lock.svg#icon"/></svg> Connect with Confidence</h3>
<p>When visiting an encrypted URL (one that begins with HTTPS), the webserver uses an SSL certificate to both encrypt the information sent to the browser and to identify the server.
The purpose of the server identification is to prevent a machine located between the browser and the webserver from pretending to be the server and decrypting the information in transit.
- This type of attack is known as a Man In The Middle (MITM) attack. SSL certificates are generated by certificate authorities: companies that verify a server’s identity and produce a certificate for a fee.
+ This type of attack is known as a Man In The Middle (MITM) attack.
+ SSL certificates are generated by certificate authorities: companies that verify a server’s identity and produce a certificate for a fee.
Android has a list of trusted certificate authorities, and will accept any of their certificates for any website.
- It isn’t supposed to be possible for an organization to acquire an SSL certificate for a domain they do not control, but in practice many governments and large corporations have been able to do so.</p>
+ It isn’t supposed to be possible for an organization to acquire an SSL certificate for a domain they do not control,
+ but in practice many governments and large corporations have been able to do so.</p>
<p>Pinning an SSL certificate tells the browser that only one specific SSL certificate is to be trusted for a particular domain. Any other certificate, even if it is valid, will be rejected.</p>
- <p><img class="center" src="images/ssl_certificate_mismatch.png"></p>
+ <img class="center" src="images/pinned_mismatch.png"/>
<p>SSL certificates expire on a specified date, so even pinned SSL certificates will legitimately need to be updated from time to time.
As a general rule, pinning SSL certificates probably isn’t needed in the majority of cases.
- But for those who suspect that powerful organizations may be targeting them, SSL certificate pinning can detect and thwart a MITM attack.</p>
+ But for those who suspect that powerful organizations may be targeting them, SSL certificate pinning can detect and thwart a MITM attack.
+ Privacy Browser also has the ability to pin IP addresses.</p>
- <p><img class="center" src="images/pinned_ssl_certificate.png"></p>
+ <img class="center" src="images/pinned_ssl_certificate.png"/>
<p>SSL certificates can be pinned in Domain Settings.
- Besides protecting against MITM attacks, pinning a self-signed certificate for a device like a wireless router or access point will remove the error message that is normally presented every time its website is loaded.
- To view the current website SSL certificate, tap on the favorite icon next to the URL bar.</p>
+ Besides protecting against MITM attacks,
+ pinning a self-signed certificate for a device like a wireless router or access point will remove the error message that is normally presented every time its website is loaded.
+ Tapping on the active tab displays the current website SSL certificate.</p>
</body>
</html>
\ No newline at end of file
projects / PrivacyBrowserAndroid.git / blobdiff