| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHOTMVJqzO_D6qpuNxc7f+CU9df6n=w+ObU7c_6AsR5rBW7xwg@mail.gmail.com> Date: Tue, 29 Apr 2014 11:24:01 -0700 From: Tony Arcieri <bascule@...il.com> To: jdiaz@...t.inteco.es Cc: fulldisclosure@...lists.org Subject: Re: [FD] Telegram authentication bypass On Tue, Apr 29, 2014 at 1:26 AM, <jdiaz@...t.inteco.es> wrote: > Thus, in this case, the development of such malicious client is not out of > their security model and it is an actual design flaw. I'm no fan of Telegram, but this is silly. Can you point to any security software that can survive the "client is duped into installing malware" attack? -- Tony Arcieri _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists