TLS doesn't help here, because state actors (including China, Russia) own trusted root certificates, which allow them to TLS-terminate for _any_ website they choose and silently decrypt/MITM the traffic.
TLS offers quite good protection actually: Anytime they create fraudulent certificates they risk burning their CA. Attacks need to be very targeted to keep risk of detection low. Due to Certificate Transparency, hiding attacks got even harder. And for sites that use cert pinning, the attack doesn't even work in the first place.
And eavesdrop is one thing but I'm not clear how you could MITM an undersea cable without the operators noticing.
Except it's not silent because you need to expose your misissued certificate every time. Sure, the average joe won't spot it, but all it takes is one security researcher to expose the whole thing. AFAIK there are also projects by google and the EFF to monitor certificates, so the chances of you getting caught are really high. Combined with the fact that no such attacks has been discovered, makes me think that it probably doesn't occur in practice, or at least is only used against high value targets rather than for dragnet surveillance.
1ox seems like a year's supply for an average person.
A really heavy smoker can consume up to several grams a day. Let's say 5 grams, that'd be 150g per month (5oz per month).
Agree that it's hard to argue for 200 plants being personal use; 20 would be more realistic. For 200 plants, it's a big operation! Also, you can grow them in like 3-month cycles too.
Someone smoking 5oz per month is likely making poor decisions.
But I think a more reasonable explanation is they were trying multiple different strains or growing conditions. They may expect to toss out a fair bit of sub par pot.
reply