Github's Total Security Facepalm https://donatstudios.com/GithubsTotalSecurityFacepalm …
-
-
I lost a domain that was used to distribute binaries. The website was only accessible over HTTPS with highly secure settings. But today, the new owner of the domain can use it to distribute malware. HTTPS is totally useless to prevent this. Only signature verification can.
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
well, on a private domain name, transport trust should be enough :/ Also, having a signature need further action from the receiver : checking the signature against something else (a copy of it on a website, or a pgp key weboftrust etc.)
-
Totally not. See the next tweet :)
End of conversation
New conversation -
-
-
this is a nice solution for this issue. ttps://twitter.com/fireblock_io/status/96045742605
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.