If a website employs the use of HSTS all traffic will be redirected to HTTPS, rendering the support for HTTP redundant.
That is correct. However it's trivial for a MiTM attacker to perform an SSL stripping attacks when the victim is communicating with sites that support plain HTTP.
Can't you get fingerprinted solely by the use of chrome extensions? For example by using 5 specific extensions let's say Pocket, Google Dictionary, Adblock, xxx and Chameleon can't get fingerprinted by that? Does this…
If a website employs the use of HSTS all traffic will be redirected to HTTPS, rendering the support for HTTP redundant.
That is correct. However it's trivial for a MiTM attacker to perform an SSL stripping attacks when the victim is communicating with sites that support plain HTTP.
Can't you get fingerprinted solely by the use of chrome extensions? For example by using 5 specific extensions let's say Pocket, Google Dictionary, Adblock, xxx and Chameleon can't get fingerprinted by that? Does this…