They also weren’t doing any kind of SSL verification for the download request, nor were they doing any kind of hash verification or signing. The former would have prevented a redirect attack in the first place, and the latter would have prevented downloaded files from being modified or swapped out.
- 0 Posts
- 2 Comments
Joined 3 years ago
Cake day: July 7th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
As someone who used to do projection mapping professionally: I agree