To all the people telling me this will never happen, and I should stop trash talking 2FA (TOTP, SMS, etc *not* U2F). Please read this, then kindly apologise. https://twitter.com/josephfcox/status/1075391745502924801 …
No, but I guess it means malware or compromised extension, npapi plugin?
-
-
Just refers to any class of malware that fiddles inline in the browser. Displays users what they expect while transaction destinations and other details are fiddled with in the background. And yeah, of course you’re right even U2F isn’t going to save you then.
-
I see, I don't really follow the taxonomy of malware after you've got arbitrary code execution, I think arbitrary code is arbitrary code to vulnerability guys
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
