|
|
|
|
|
|
by Arathorn
1289 days ago
|
|
|
The problem is that the paper conflates legitimate implementation vulns (fixed back in Sept) which indeed allowed for practical attacks… with the “group membership controlled by server” issue, which is debatable. Hence folks writing off the remaining issues as ‘academic at best’. It really would have been better to separate the legit vulns from the group membership question, as mixing them up just confuses people, as per this whole thread. |
|
|