Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I guess we disagree then. Pen testing to me is: "Can I steal your key? Here, I have a proof that I can steal it." Actually exfiltrating (not necessary to produce a proof that you were able to view it) so that you can produce fraudulent signatures is completely orthogonal to exfiltration.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: