Apple iMessage Open to Man in the Middle, Spoofing Attacks http://kwest.in/16R3c5N
@kwestin If the provider can read messages, how is that MITM. More like 'provider in the middle'. Gmail & basically all SAAS same issue.
-
-
@inthecloud247 not necessarily just the provider, but anyone with the cert appearing to be the provider -
@kwestin I hope they're using certificate pinning. Relying on the CA definitely isn't a security best practice.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.