[ thoughts on web privacy and security ]
Very cool - Congratulations!Just curious, where does the vulnerability lurk? Something in the certificate handling, or the instalation of an unknown plugin? Somewhere else?
Actually it has to do with users being willing to accept certificates no matter who issues them. The trust for the website comes from "oh, my friend thought it was fine" and not from being a universally trusted source.
Post a Comment
2 comments:
Very cool - Congratulations!
Just curious, where does the vulnerability lurk? Something in the certificate handling, or the instalation of an unknown plugin? Somewhere else?
Actually it has to do with users being willing to accept certificates no matter who issues them. The trust for the website comes from "oh, my friend thought it was fine" and not from being a universally trusted source.
Post a Comment