Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security aspect #31

Open
rugk opened this issue Apr 16, 2017 · 1 comment
Open

Security aspect #31

rugk opened this issue Apr 16, 2017 · 1 comment

Comments

@rugk
Copy link

rugk commented Apr 16, 2017
edited by ale5000-git
Loading

How does this app control/limit, which apps can spoof signatures?

Haystack e.g. does/did it via permissions and an entry in the developer tools. How does tingle control it?

Allowing all apps to spoof signatures is obviously dangerous.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.
@ale5000-git
Copy link
Owner

ale5000-git commented Jun 12, 2017
edited
Loading

@rugk: The patch was like this (without control) from the start, to easily support every existent device.

I do have plans to improve it, but this won't be soon.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rugk @ale5000-git