GoSign is a desktop client used across Italian public administrations and enterprises for qualified electronic signatures, produced by Tinexta InfoCert, one of Europe’s major eIDAS-regulated trust service providers. Researchers found that versions ≤ 2.4.0 disable TLS certificate verification when a proxy is configured and use an unsigned update manifest. Combined, these flaws allow man-in-the-middle attacks and delivery of malicious updates leading to remote code execution.
Comments
gritzko•51m ago
Paris
Cloudflare
Error
chasing0entropy•36m ago
AI scrapes internet from millions of IPs worldwide proving an orchestrated, intelligent, botnet effectually becoming a large percentage of total internet traffic overnight.
Internet responds by retreating to behind a single cloud provider who can mysteriously keep ai at bay... Same provider network is probably responsible for the near instantaneous distribution of AI traffic to begin with.
Internet's last bastion of hope is attacked, rather quickly, and half of the internet is scrambling to remember how to administer DNS (The other half never knew).
agos•22m ago
Cloudflare was already a thing before AI scrapers
immibis•6m ago
And they were strongly suspected to DDoS their prospective customers, so they would suddenly have a need to buy DDoS protection.
nullbyte808•18m ago
what is this "AI" your referring to?
nullbyte808•17m ago
Bonjour!
VladVladikoff•11m ago
Cloudflare yet again making the internet a shittier place. I will never understand why so many people willingly allow their website to be MiTM’d by this garbage company.
delichon•6m ago
Then I suppose you know a better alternative when your site is being effectively DDOSed by a ridiculously high volume of scrapers. Please tell.
gritzko•51m ago
chasing0entropy•36m ago
Internet responds by retreating to behind a single cloud provider who can mysteriously keep ai at bay... Same provider network is probably responsible for the near instantaneous distribution of AI traffic to begin with.
Internet's last bastion of hope is attacked, rather quickly, and half of the internet is scrambling to remember how to administer DNS (The other half never knew).
agos•22m ago
immibis•6m ago
nullbyte808•18m ago
nullbyte808•17m ago
VladVladikoff•11m ago
delichon•6m ago
codingminds•3m ago
But Cloudflare has the best marketing of all of them ¯\_(ツ)_/¯
deaux•5m ago