|
|
|
|
|
|
by shakna
1453 days ago
|
|
|
Not only was the flaw unaddressed, the decision was made to make it harder to see who is requesting the code - the app now only shows the user an accept/reject button. The replay attack can be done entirely passively, without any awareness that it has taken place, even by a user who is paying attention. |
|
|