This is a browser bug. Why are browsers not fixing it? Actually supporting custom CA certs at all is a browser bug.https://twitter.com/SwiftOnSecurity/status/668910972782772224 …
@sleevi_ @marcaruel Ppl who do actual security and not snake-oil products know this.
-
-
@RichFelker@marcaruel The MITM is *on* the Endpoint. It's the last bastion before code exec. This is user-initiated intentional self-MITM -
@sleevi_@marcaruel There are 2 types of MITM AV; on-endpoint and on-network. But both are the wrong design & subvert https trust.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.