The CT Honeypot has important implications for how web applications should be designed. #CertificateTransparency (1/4)https://twitter.com/MelindaShore/status/1059428576410316800 …
-
-
Unless you visit the app to configure it right away, attackers will find it, take it over, and use it for malware, phishing, spam, etc. (3/4)
Show this thread -
If you're designing a webapp, have the initial admin password be configured out-of-band rather than through the browser. If you know of a webapp that sets the initial admin password through the browser, file a bug, citing the CT Honeypot research. (4/4)
Show this thread
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.