http subversion URLs should be discontinued in favor of https URLs
Yuri
yuri at rawbw.com
Sun Dec 10 19:23:31 UTC 2017
On 12/10/17 10:15, Igor Mozolevsky wrote:
> They are not "hypothetical characters," they are invented characters that
> are used in a threat model. But that's reframing the problem- a
> hypothetical threat model is very different to a real threat model.
This is a very real threat model. There are a lot of malicious Tor exit
node operators, and a lot of FreeBSD users update their system over
subversion. The only thing that the Tor node operator needs to do is to
detect relevant requests and serve malware.
How is this not real?
Yuri
More information about the freebsd-security
mailing list