|
|
|
|
|
|
by tialaramex
1127 days ago
|
|
|
Only one of those links, the Iranian one, dated 12 years ago, is about a case where there was MITM with a bogus but valid certificate. The Chinese and Syrian cases are just straight MITM, a somewhat knowledgeable teenager could do that, and to the extent it'd work you should focus on things that's solve for the "knowledgeable teenager" case not the "What if state actors with unlimited resources target me?" case. Twelve years ago is a different era, no Blessed Methods, no Certificate Transparency, pinning was new, which is why they got caught. |
|
|