• Auli
    link
    fedilink
    English
    arrow-up
    6
    ·
    11 months ago

    What kind of cyber security expert doesn’t know banks would be using https.

    • corsicanguppy
      link
      fedilink
      arrow-up
      9
      ·
      11 months ago

      … and the chair of a ‘cyber’ security programme at that!

      Given she used the app and not even a browser, it’s not like even a DNS spoof could work here, redirecting to non-TLS spoofed servers, as the app should look for signed DNS for its upstream API and reject anything else.

      I really think this is BMO victim-blaming.