[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Salsa update: no more "-guest" and more

On 30.04.20 01:15, Bernd Zeimetz wrote:
> On 4/28/20 3:20 PM, Thomas Goirand wrote:
>> That's not the case. An MITM attack could gain a session and maintain it
>> open, while the end user would just notice "oh shit, I miss-typed the
>> 2FA numbers, let's try again". Then the only thing the attacker needs to
>> do is keep the session open to not loose access...
> I hope you realize that no session is open forever.

Just for giggles: [longest TCP

Reply to: