Forgot your password?
typodupeerror

Comment: routers, package management, vpn (Score 1) 144

Generally you're right to point to router security, but I don't think it's relevant here. Router software package installation -- where you might think you want tls to fetch the package safely -- should be using package signatures rather than relying on tls.

Article writer Dan Goodin missed this point in his first draft. He thought he had a story, and failed at the fact-checking stage.

Would you rely on X.509 for a vpn? The implementation is irrelevant.

ATMs, no. Web banking really does have a problem, and it's much bigger than bugs in tls.

I think David Jao and others are right, and this is not news.

The meat is rotten, but the booze is holding out. Computer translation of "The spirit is willing, but the flesh is weak."

Working...