Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
akronim
on Jan 16, 2012
|
parent
|
context
|
favorite
| on:
Login to your Google account by scanning a QR code
If I was writing one I'd just be logging posted form fields with a transparent proxy, almost seems easier than a key logger.
mvermaat
on Jan 16, 2012
[–]
Except that doesn't work if the form posts to a HTTPS URL. You'd have to implement something at the browser level, e.g. installing a modified browser or a browser extension.
jasonmc
on Jan 16, 2012
|
parent
[–]
It is possible to perform a MITM attack on HTTPS when you can install any certificates you want in the web browser.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
