Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
theEXTORTCIST
on July 10, 2017
|
parent
|
context
|
favorite
| on:
Taking control of all .io domains with a targeted ...
the attacker MITM TLS has to present a certificate for the spoofed domain that was signed by a Certificate Authority the victim's browser trusts
discreditable
on July 10, 2017
[–]
Very easy to do. You can even automate it with Let's Encrypt since you can serve whatever DNS records you want.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
