Dell shipped computers with a preloaded CA, and left the private key in, Superfish style. ANYONE can MitM ANYTHING.http://arstechnica.com/security/2015/11/dell-does-superfish-ships-pcs-with-self-signed-root-certificates/ …
@hanno @0xabad1dea @FiloSottile Isn't the "second cert" a private key for signing drivers that any Windows system will then trust?
-
-
@RichFelker@0xabad1dea@FiloSottile no, that's independent I think. there is a second cert that browsers will accept. -
@hanno@0xabad1dea@FiloSottile So there are THREE now?! Uhg.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.