• @mranderson17@infosec.pub
    link
    fedilink
    3111 months ago

    “An attacker would need to be able to coerce a system into booting from HTTP if it’s not already doing so, and either be in a position to run the HTTP server in question or MITM traffic to it,” - Matthew Garrett

    Summary left out a quite important bit.

    • Quazatron
      link
      fedilink
      611 months ago

      Security people sure are an enthusiastic bunch of fellows.