Comment Re:Before everyone says that's idiotic... (Score 1) 332
How is encryption without authentication better than no encryption?
Two reasons. First the obvious: most would-be attackers are clueless, even little increase in the complexity of attack will stop lots of them. The second you already note:
(For completeness sake: There are scenarios where encryption without authentication can force an attacker to use an active attack (MITM) instead of a passive attack (sniffing). In that case, even encryption without authentication can be useful
That is *the* reason I'd want to be able to use https without expensive certificates without scaring the user (but also without showing the lock symbol or otherwise advertising security, just make it look like unencrypted http to the user).