"Secondly, I think that it is inevitable that vendor security compromises will disclose troves of user requests, passwords, credit cards to decryption; but this is perhaps more of a nation-state-adversary level risk." - not sure most people dealing with criminals think this.https://twitter.com/colmmacc/status/965669720119689217 …
You need to be tapping and recording the encrypted sessions in the first place. I think that's beyond criminals today.
-
-
You're missing the point that they'll use TLS 1.3 to hide extraction. It'll be other flaws that are exploited. I just point this out as a real world threat. There is a vacuum being created and I can't see this endong well unless we find solutions first.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.