![]() All evidence points to TV NOT being hacked SO FAR. Unlikely, I'll admit, but things like this DO happen, and someone looking to pull off DNS shenanigans with a host that uses TLS would absolutely be interested in complementing it with one or more of the above.įollow this guide, and assuming they were NOT hacked, you should be safe. Getting a custom root certificate installed on a workstation is possible if users are tricked into it or have a workstation administrator who installed it so a decrypting gateway could work its magic, and the gateway would need to be improperly configured such that the mismatch in the origin's certificate doesn't grind the connection to a halt, instead proceeding to re-roll the certĪ developer of the TV client could've accidentally left in a skip-verification flag on the TLS settings (along the lines of the -insecure switch in cURL, the -no-check-certificate switch in wget, the "TLS_REQCERT never" LDAP configuration, etc.) in some rare code path such that most users have a problem with the client but those using the rare code path don't Getting a trusted certificate for a domain you don't own is extremely rare but has happened One of the basic TLS features to to verify the end host.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |