Fritzing.org needs TLS


#1

I love fritzing. Thanks for all your work on it! I think you should start using TLS on the fritzing.org website, particularly because you are distributing software for people to download and run on their computers. I would be happy to help with this, including by paying for a SSL certificate if necessary.

Unsecured software downloads provide an easy path for viruses and other malware to get on a computer and run with elevated privileges. It’s also a good idea to protect any information people give you, like their email address and password.

There are free options for certificates if those don’t meet the needs of the project, you could also use a paid certificate, which I’m volunteering to pay for (up to about 175 EUR). I can also help with the setup if you like.


#2

One fast and relatively easy way to improve the security of your app downloads would be to create releases on the fritzing-app github repo and serve your downloads from there. It isn’t a perfect solution, but it would make it possible to download the app securely if you have the correct link to the github repo.