Experimental News Clipping Site

Tag: certificate pinning

  • Hacker News: F-Droid Fake Signer PoC

    by

    system automation
    in

    Source URL: https://github.com/obfusk/fdroid-fakesigner-poc Source: Hacker News Title: F-Droid Fake Signer PoC Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses vulnerabilities in the APK signing process for Android, specifically how certain implementations of fdroidserver and related tools can be exploited, leading to potential bypasses of certificate pinning. This is critical for professionals…

  • Hacker News: Avoiding downtime: modern alternatives to outdated certificate pinning practices

    by

    system automation
    in

    Source URL: https://blog.cloudflare.com/why-certificate-pinning-is-outdated Source: Hacker News Title: Avoiding downtime: modern alternatives to outdated certificate pinning practices Feedly Summary: Comments AI Summary and Description: Yes Summary: The text critically examines the practice of certificate pinning in the evolving landscape of Public Key Infrastructure (PKI). It highlights the risks and management challenges associated with keeping pinned certificates…