If you're wondering if @littlesnitch is worth the money: I’ve written kernel extensions before, and they are insanely difficult to support.
@taoeffect @littlesnitch but do you know if every single software update that you've ever gotten over port 80 is signed?
-
-
@bascule@littlesnitch The ones that have used Sparkle, yes. -
@bascule@littlesnitch It is ironic that Sparkle updates relying on HTTPS for verification are less secure than those going over port 80…
End of conversation
New conversation -
-
-
@bascule@taoeffect@littlesnitch I'm hitting refresh to see what you'll say next. I worry re software updates being signed too. Pinned key? -
@EllieAsksWhy@bascule@littlesnitch Yes… see my replies. Pinned key over HTTP is more secure than relying on HTTPS alone. -
@taoeffect@bascule@littlesnitch Thank you. I'll follow along quietly now ;o)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.