If you're wondering if @littlesnitch is worth the money: I’ve written kernel extensions before, and they are insanely difficult to support.
-
-
@bascule@littlesnitch Note though that serving updates over port 80 is still secure if the software is using a pinned key to verify. -
@taoeffect@littlesnitch but do you know if every single software update that you've ever gotten over port 80 is signed? -
@bascule@littlesnitch The ones that have used Sparkle, yes. -
@bascule@littlesnitch It is ironic that Sparkle updates relying on HTTPS for verification are less secure than those going over port 80…
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.