http subversion URLs should be discontinued in favor of https URLs
Igor Mozolevsky
mozolevsky at gmail.com
Sun Dec 10 18:15:47 UTC 2017
On 10 December 2017 at 18:01, Yuri <yuri at rawbw.com> wrote:
> On 12/10/17 09:51, Igor Mozolevsky wrote:
>
>> Hypothetical MITM-bogeyman and "suits not knowing that I use FreeBSD"
>> doesn't make SVN over HTTP insecure.
>>
>
>
> Read here about Alice and Bob: https://en.wikipedia.org/wiki/Alice_and_Bob
>
> Hypothetical characters are commonplace in security discussions.
They are not "hypothetical characters," they are invented characters that
are used in a threat model. But that's reframing the problem- a
hypothetical threat model is very different to a real threat model.
--
Igor M.
More information about the freebsd-security
mailing list