huh. so when i run windows update today, it has no way to be sure that an on-path attacker isn't changing what fix i receive for this CVE? seems like a chicken or egg problem. in the old days we could also hand-verify hashes. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601 …
Replying to @paulvixie
You can tcpdump the connection and observe RSA being selected; a MITM would have to force ECDSA to exploit.
9:35 PM - 14 Jan 2020
from Seattle, WA
0 replies
0 retweets
7 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.