Encrypting all the secrets in addition to using HTTPS is not a bad idea. Middleboxes terminating or intercepting HTTPS are omnipresent.
Trivial encryption within MITIM’d encryption would mitigate the implications of accidental leaks.
-
-
TLS needs to be more aware of MITMs, from AV filters and free wifi captive portals to CDNs/reverse proxies Easier said than done
-
Easier said than done, indeed :/ Especially when users install additional root CAs (ex: https://sk.tl/3n7mJ9K4 )
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.