Why Postgres needs better connection security defaults

Blog post from Neon

Post Details
Company:
Date Published:
Author: George MacKerron
Word Count: 1,905
Language: English
Hacker News Points: -
Summary

Postgres's default connection security, particularly the widely used `sslmode=require`, is criticized for providing insufficient security: it fails to authenticate the server, which leaves connections vulnerable to man-in-the-middle (MITM) attacks. The article discusses efforts to improve this, including the introduction of `sslrootcert=system` in Postgres 16, which aims to enhance security by using system-trusted root certificates, although it is not yet widely supported across platforms, particularly on Windows. As a workaround, Neon has implemented channel binding via SCRAM-SHA-256-PLUS, which securely verifies server identity by requiring the server to prove it knows the user's password, thus protecting connections even without `sslrootcert=system` support. The article suggests potential future improvements, such as renaming `sslmode=require` to highlight its insecurity and creating a more secure default connection mode, indicating a hopeful trend towards improved connection security in Postgres.
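
As an added example (not code from the article or from Neon), the following sketch audits libpq connection URIs for the two server-authentication mechanisms the summary names: certificate verification and channel binding. It assumes only the URI's own parameters matter (it ignores environment variables, service files and any root certificate file on disk); `audit_dsn` and the sample URIs are hypothetical.

```python
from urllib.parse import urlsplit, parse_qs

# libpq defaults that apply when a parameter is absent from the URI.
DEFAULTS = {"sslmode": "prefer", "channel_binding": "prefer", "sslrootcert": ""}

def audit_dsn(dsn: str) -> dict:
    """Report whether a libpq connection URI authenticates the server, and how."""
    query = parse_qs(urlsplit(dsn).query)
    p = {key: query.get(key, [default])[0] for key, default in DEFAULTS.items()}
    findings = []

    if p["sslrootcert"] == "system":
        if "sslmode" not in query:
            p["sslmode"] = "verify-full"  # system roots raise the default mode
        elif p["sslmode"] != "verify-full":
            findings.append("sslrootcert=system is only accepted with sslmode=verify-full")

    via = []
    if p["sslmode"] == "verify-full":
        via.append("certificate")      # chain and host name are both checked
    if p["channel_binding"] == "require":
        via.append("channel_binding")  # SCRAM-SHA-256-PLUS or the connection fails

    if not via:
        if p["sslmode"] == "require":
            findings.append("sslmode=require encrypts but does not authenticate the server")
        elif p["sslmode"] == "verify-ca":
            findings.append("sslmode=verify-ca checks the chain but not the host name")
        else:
            findings.append(f"sslmode={p['sslmode']} does not guarantee TLS")
    return {"server_authenticated": bool(via), "via": via, "findings": findings}

# Constructed sample URIs; host, user and database names are placeholders.
SAMPLES = [
    "postgresql://app@db.example.test/app",
    "postgresql://app@db.example.test/app?sslmode=require",
    "postgresql://app@db.example.test/app?sslmode=require&channel_binding=require",
    "postgresql://app@db.example.test/app?sslrootcert=system",
]

if __name__ == "__main__":
    for dsn in SAMPLES:
        print(dsn, audit_dsn(dsn))
```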