|
|
|
|
|
|
by badloginagain
3076 days ago
|
|
|
Last comment in report: > Their solution appears to be to query the client command line, get the 32-bit FNV-1a string hash of the exename and then check if it's in a blacklist. I proposed they whitelist Hostnames, but apparently that solution was too elegant and simple. It looks like they just block specific browsers from doing the exploit, except they have to actively maintain the blacklist, which is sub-optimal. |
|
|