|
|
|
|
|
|
by themafia
36 days ago
|
|
|
The browser still has to execute code over HTTPS. You've just moved the injection perimeter from inside my own network into the providers website. I don't think you've fundamentally changed your level of risk unless you spend a huge amount of time browsing on shared password WPA protected wifi networks. You cannot browse to sites under any regime and execute code while expecting security to exist. |
|
|