Y
Hacker News
new
|
ask
|
show
|
jobs
by
ec109685
2266 days ago
They can still write software to insert themselves into the key exchange flow and eavesdrop on a conversation. E.g. I don’t believe there is anything stopping Apple from pretending a participant bought a new device.
2 comments
thebean11
2266 days ago
That's a much less scary attack vector though, since they would also need to somehow impersonate the participants voice or image right?
link
upofadown
2266 days ago
Think of it as aiming a phone at another phone. Apple would decrypt everything and then reencrypt it.
link
xtian
2266 days ago
How would they spoof the 2FA from an existing device?
link