|
|
|
|
|
|
by stcredzero
5183 days ago
|
|
|
There's no real chance of this being man-in-the-middled I'll need more convincing. Once you've approved, they have a browser + app pair of cookies Exactly what's keeping the cookie on the browser and the phone from being copied? You must be leaving out some details. This doesn't strike me as "good as it gets." |
|
|
SSL. Either you trust it or you don't. Similarly, either you trust the CAs to work (preventing a real MITM on https traffic) or you don't. Which makes this as secure as your banking site, except for the initial pairing, which I dare say they do more safely than any bank I've seen.