Full Disclosure mailing list archives
Re: Telegram authentication bypass
From: Tony Arcieri <bascule () gmail com>
Date: Tue, 29 Apr 2014 11:24:01 -0700
On Tue, Apr 29, 2014 at 1:26 AM, <jdiaz () cert inteco es> wrote:
Thus, in this case, the development of such malicious client is not out of their security model and it is an actual design flaw.
I'm no fan of Telegram, but this is silly. Can you point to any security software that can survive the "client is duped into installing malware" attack? -- Tony Arcieri _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Telegram authentication bypass jdiaz (Apr 28)
- Re: Telegram authentication bypass Dominik Schürmann (Apr 28)
- Re: Telegram authentication bypass jdiaz (Apr 29)
- Re: Telegram authentication bypass Mario Vilas (Apr 29)
- Re: Telegram authentication bypass Tony Arcieri (Apr 29)
- Re: Telegram authentication bypass jdiaz (Apr 29)
- Re: Telegram authentication bypass Hanno Böck (Apr 28)
- Re: Telegram authentication bypass Dominik Schürmann (Apr 28)