that solves a completely different problem (and creates new ... • Aaron Parecki

45°F

alianora https://cybre.space/@nightpool • Jan 23
@aaronpk also, your blog post doesn't immediately address the pinning case—lots of mobile apps pin their certificates now (which, again, is only as secure as far as the computing platform is .....)

that solves a completely different problem (and creates new problems), but isn't related to the challenge of how to avoid embedding secrets

San Francisco, California • 59°F

Tue, Jan 22, 2019 4:38pm -08:00

1 reply
Have you written a response to this? Let me know the URL:
- alianora cybre.space/@nightpool
  
  @aaronpk I agree, but there's a whole section on "HTTPS requests can be intercepted from mobile apps" that most developers will just ignore because they believe they Figured It Out
  
  Wed, Jan 23, 2019 12:39am +00:00

Posted in /replies using monocle.p3k.io