What about certificate pinning? As far as i remember it’s used by microsoft, google, apple and co. to verify the authenticity of leaf certificate. Do we know if it mitigate such attack?
"CurveBall’s Additional Twist: The Certificate Comparison Bug" shedding some light on the bug in #Windows10 that allowed it to accept #CurveBall “evil twin” certificates as valid.https://link.medium.com/reTcvvrCp3
-
-
-
I need to find a source but I believe it does.
- Još 1 odgovor
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.