|
|
|
|
|
|
by mag00
3813 days ago
|
|
|
I'm curious how typo and bit squatting would come into play here, and if attacks leveraging them could collect private keys at a dangerously high rate before people can patch their clients. Products like heroku, or the stripe CTF, or other things that come to mind that operate over SSH going rogue a bit scarier. If one were to be compromised it would be a case where mass amounts of private keys could leak. AWS, github, all cloud VPS providers, etc. Multifactor is relevant as a defense with a vulnerability like this. |
|
|