Re: Salsa update: no more "-guest" and more
On 30.04.20 01:15, Bernd Zeimetz wrote:
>
> On 4/28/20 3:20 PM, Thomas Goirand wrote:
>
>> That's not the case. An MITM attack could gain a session and maintain it
>> open, while the end user would just notice "oh shit, I miss-typed the
>> 2FA numbers, let's try again". Then the only thing the attacker needs to
>> do is keep the session open to not loose access...
>
> I hope you realize that no session is open forever.
Just for giggles: [longest TCP
connection](https://ask.slashdot.org/comments.pl?sid=1462&cid=1673396)
Reply to: