|
|
|
|
|
|
by frederikvs
3489 days ago
|
|
|
From TFA : "Such requests are encrypted with DES ( ECB mode ) however the encryption key is hardcoded inside the application itself (thus known to an attacker)." The word "however" seems to imply that the first part of the phrase is not a problem, but the second part is. But DES? Seriously? I thought DES has been considered unsecure since the 90s.
And ECB mode? I thought we all knew you can see penguins through ECB... |
|
|