I guess I'm confused, you already trust them by running setup.exe. I understand if there was additional attack surface (that would be the AV complaint), but what attack surface does adding a locally generated CA add?
-
-
Why does a hotel mind if you make a duplicate copy of the room keys? They trust you with the room already.
2 replies 0 retweets 0 likes -
I suppose they mind because they don't want you to have access after you've checked out. Are you saying they might maliciously upload the key, then use it as a backdoor later? If they're malicious, there are so many better ways once you've given them Admin, no?
1 reply 0 retweets 3 likes -
It adds a (literal) key trust/management problem to the easier 'clean the room after checkout' problem.
2 replies 0 retweets 1 like -
I don't see how, describe the attack to me? We're on the same page here that this is a trusted process generating a per-machine certificate, right? If you have an attack against this that doesn't require Administrator, that would be huge - this is really common.
1 reply 0 retweets 4 likes -
No, just looking at this as an opportunity to lessen privilege.
1 reply 0 retweets 0 likes -
This Tweet is unavailable.
-
I think they goofed and installed the cert in the wrong keystore. Basic constraints doesn't include CA = YES. Probably they wanted to install the cert for all users, rather than each user on the system that runs the app and misunderstood the purpose.
1 reply 0 retweets 0 likes -
Wait, so isCa is FALSE? Now I'm even more confused about what the problem is. I think I need to take a look, because this sounds totally acceptable to me.
1 reply 0 retweets 0 likes -
This Tweet is unavailable.
Well, I did anyway, and it is definitely not a CA certificate. I have no idea what people are complaining about, it's a self-signed leaf. Blizzard have implemented this correctly, there is no security or privacy risk.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.