[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: Re: [FD] Telegram authentication bypass
From: Tony Arcieri <bascule () gmail ! com>
Date: 2014-04-29 18:24:01
Message-ID: CAHOTMVJqzO_D6qpuNxc7f+CU9df6n=w+ObU7c_6AsR5rBW7xwg () mail ! gmail ! com
[Download RAW message or body]
On Tue, Apr 29, 2014 at 1:26 AM, <jdiaz@cert.inteco.es> wrote:
> Thus, in this case, the development of such malicious client is not out of
> their security model and it is an actual design flaw.
I'm no fan of Telegram, but this is silly.
Can you point to any security software that can survive the "client is
duped into installing malware" attack?
--
Tony Arcieri
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic