Although “0day” is most commonly used in the context of severe security issues exploited in the wild, its only real meaning is that a flaw was revealed publicly without a patch being available. Although the Confluence thing I tweeted is one, in context it’s not a systemic threat
-
-
To be fair there is software that generates a unique key on the device so it’s a good bet but not always
-
Sure. But that requires that the CA that generates the certificate *also* uses a unique-per-installation CA private key, *and* that the CA is installed into the trusted root CA list in the OS where the software is installed. Not impossible, but expect mistakes (e.g. Superfish).
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.