|
|
|
|
|
|
by jdamato
2705 days ago
|
|
|
Thanks for commenting this! I've seen this website before and it's really unfortunate how much attention it gets. APT's use of plain text HTTP (even with GPG) is vulnerable to several attacks outlined in this paper: https://isis.poly.edu/~jcappos/papers/cappos_mirror_ccs_08.p.... Yes, this paper is old, but APT is still vulnerable to most of these attacks. I would advise anyone wanting to use APT to do so only with TLS. |
|
|