Re: Salsa update: no more "-guest" and more
On 4/28/20 3:20 PM, Thomas Goirand wrote:
> That's not the case. An MITM attack could gain a session and maintain it
> open, while the end user would just notice "oh shit, I miss-typed the
> 2FA numbers, let's try again". Then the only thing the attacker needs to
> do is keep the session open to not loose access...
I hope you realize that no session is open forever.
--
Bernd Zeimetz Debian GNU/Linux Developer
http://bzed.de http://www.debian.org
GPG Fingerprint: ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F
Reply to: