[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FD] Telegram authentication bypass
- To: jdiaz@xxxxxxxxxxxxxx
- Subject: Re: [FD] Telegram authentication bypass
- From: Tony Arcieri <bascule@xxxxxxxxx>
- Date: Tue, 29 Apr 2014 11:24:01 -0700
On Tue, Apr 29, 2014 at 1:26 AM, <jdiaz@xxxxxxxxxxxxxx> wrote:
> Thus, in this case, the development of such malicious client is not out of
> their security model and it is an actual design flaw.
I'm no fan of Telegram, but this is silly.
Can you point to any security software that can survive the "client is
duped into installing malware" attack?
--
Tony Arcieri
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/