Are there any known software updaters that rely only on Secure Transport hostnam... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

hsivonen on Feb 22, 2014 | parent | context | favorite | on: About the security content of iOS 7.0.6

Are there any known software updaters that rely only on Secure Transport hostname checking for update authenticiity?

If you use NSS-based browsers exclusively on OS X, can you have been pwned via fake updates due to this bug?

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact