Yes they have hardcoded a key in terminal. This introduces another vulnerability. I will add the details in the bitcointalk post.
Login to reply
Replies (3)
its not a vulnerability if they're modulating the hardcoded key per CJ round correct?
as @waxwing suggested on original vulnerability disclosure post Jan 7th?
either way, the server CANNOT give clients a unique key for identification.
there hasnt been enough time to actually review the implementation.
so I'd just STFU for now.
Yes they have hardcoded a key in terminal. This introduces another vulnerability. I will add the details in the bitcointalk post.
View quoted note →
yeah but he didn't accurately describe the result.
there just hasn't been enough time to review and theres lots of nuance.
Yes they have hardcoded a key in terminal. This introduces another vulnerability. I will add the details in the bitcointalk post.
View quoted note →