Y
Hacker News
new
|
ask
|
show
|
jobs
by
pietervdvn
8 hours ago
I'd even count this as "having local access to the device", as that is what is needed to install such a cert
1 comments
arcfour
7 hours ago
I think it's fair to say that requiring local administrative access to the device is out of scope, since you have already completely pwned the device in that case, which is what what you need to install a CA cert on any OSes.
link
inlined
2 hours ago
In honor of The Old New Thing I call these “Vogon vulnerabilities”: I have a marvelous exploit in mind that pwns anyone I have root access to
link