>According to iVerify, once activated, the application downloads a configuration file via an insecure connection, which can result in system-level code being executed. The configuration file is retrieved from a domain hosted by AWS over unsecured HTTP, which leaves the configuration and the device vulnerable to malicious code, spyware and data wiping.
>Please don't comment on whether someone read an article. "Did you even read the article? It mentions that" can be shortened to "The article mentions that".
croes|1 year ago
>According to iVerify, once activated, the application downloads a configuration file via an insecure connection, which can result in system-level code being executed. The configuration file is retrieved from a domain hosted by AWS over unsecured HTTP, which leaves the configuration and the device vulnerable to malicious code, spyware and data wiping.
unknown|1 year ago
[deleted]
diffeomorphism|1 year ago
The "unsecured HTTP" is about as relevant as lactose is for a butterfly.
homero|1 year ago
nusl|1 year ago
[deleted]
hoppyhoppy2|1 year ago
https://news.ycombinator.com/newsguidelines.html