Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
codexon
on Aug 3, 2012
|
parent
|
context
|
favorite
| on:
Why Valve? Or, what do we need corporations for..
If your SSL is compromised, the attacker can insert javascript to send the unencrypted password somewhere else.
That is why security experts like tpacek have repeatedly said js encryption schemes aren't secure.
furyofantares
on Aug 4, 2012
[–]
Why do you say an SSL compromise necessarily means the attacker can manipulate the connection? And what about a promise between the SSL endpoint and the database?
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
That is why security experts like tpacek have repeatedly said js encryption schemes aren't secure.