Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
codexon
on March 25, 2010
|
parent
|
context
|
favorite
| on:
Law Enforcement Appliance Subverts SSL
Or the attacker could just block those servers and then spoof that file with new URLs and public keys.
tbrownaw
on March 25, 2010
[–]
Hard to spoof a file that you've already got a local copy of...
codexon
on March 25, 2010
|
parent
[–]
If you can't connect to the servers because the middleman blocked them, a user might assume that the servers were updated, and then proceed to use the spoofed file...
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
