https://www.trailofbits.com/resources/flame-md5.pdf … Sotirov's slides about the Flame MD5 attack.
@kragen : yeah, I've heard similar excuses for why other updaters are safe to use...but "invent your own crypto" is STILL an anti-pattern.
-
-
@slightlylate Well, *someone* has to invent it. Otherwise it won't get invented and we'll all be using knapsack signatures and MD2. -
@kragen : totally fair! But I suspect the Windows Update team wasn't specifically staffed with that mandate. Just guessin. - 11 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.