61

🫡🫡🫡Link in description(hexbear.net)

posted
by
Avatar
hector_titucius [he/him]@hexbear.net
in
Avatar
chapotraphouse@hexbear.net
30 comments
hidereport
Sort:
HotTopControversialNewOld
Avatar
pooh [she/her]@hexbear.net
18 points
*

permalink
report
reply
Avatar
radiofreeval [any]@hexbear.net
10 points

Is that hacker news over telegram?

permalink
report
reply
Avatar
Duży Szef [he/him]@lemmygrad.ml
14 points

:sicko-jammin:

permalink
report
reply
Avatar
mustardman [none/use name]@hexbear.net
12 points

What can they do with a signing key?

permalink
report
reply
Avatar
hector_titucius [he/him]@hexbear.netOP
15 points
*

Leak Hillary Clinton Emails

permalink
report
parent
reply
Avatar
FourteenEyes [he/him]@hexbear.net
9 points

delicious buttery mails

permalink
report
parent
reply
Avatar
blobjim [he/him]@hexbear.net
10 points

Pretend to be someone they aren’t

An actor that can acquire a private signing key can then create falsified tokens with valid signatures that will be accepted by relying parties. This is called token forgery.

permalink
report
parent
reply
Avatar
mustardman [none/use name]@hexbear.net
8 points

Oh cool so they can distribute updates?

permalink
report
parent
reply
Avatar
blobjim [he/him]@hexbear.net
4 points

The article just says they signed authentication tokens which gave them access to outlook emails. I don’t think it was code signing that would let them distribute software, and that’s not what they were after.

permalink
report
parent
reply
Show more comments
Avatar
Starlet [she/her, it/its]@hexbear.net
14 points

permalink
report
reply

chapotraphouse

!chapotraphouse@hexbear.net

Create post

Banned? DM Wmill to appeal.

No anti-nautilism posts. See: Eco-fascism Primer

Vaush posts go in the_dunk_tank

Dunk posts in general go in the_dunk_tank, not here

Don’t post low-hanging fruit here after it gets removed from the_dunk_tank

Community stats

  • 3K

    Monthly active users

  • 13K

    Posts

  • 172K

    Comments

Community moderators