So this video explains how https works. What I don’t get is what if a hacker in the middle pretended to be the server and provided me with the box and the public key. wouldn’t he be able to decrypt the message with his private key? I’m not a tech expert, but just curious and trying to learn.
That can be helpful if a transgression is noticed, and it’s not orchestrated by a higher authority (e.g. government), and the damage isn’t already done.
Of course, browser builders are vulnerable to influence, attack, accidents, questionable judgment, and blind spots just as certificate authorities are.
I agree, it’s far from perfect.