Joanna Rutkowska

@rootkovska ↗

Deleted No

Hibernated No

Last Checked Nov. 19, 2022

Created

Sat Feb 18 10:40:29 +0000 2017

Likes

Retweets

Source

TweetDeck

View Raw Data

JSON Data

View on Twitter

Likely Available

Joanna Rutkowska @rootkovska

Instead, the OS should enforce 2FAs only to defined apps/domains. This way the phishing attempt can either: — PolitiTweet.org

Posted Feb. 18, 2017

Preceded By

Joanna Rutkowska @rootkovska

"Unspoofable 2FA" alone is not the solution, because of proxy attacks. No meaningful 2FA in an OS where every app f… https://t.co/zAk9OowLjq — PolitiTweet.org

Free CA @letsencrypt on the receiving end of some serious shade. Hope it gets on top of this.… https://t.co/u9MJG3ml30

Posted Feb. 18, 2017

Followed By

Joanna Rutkowska @rootkovska

1. trigger a browser not allowed to get credentials from 2FA to my PayPal, so no problem the website is named https://t.co/fO9mpNfvt0, or: — PolitiTweet.org

Posted Feb. 18, 2017