
You don't even have to actually read them, just assume the worst case for the customer and you'll be right.

HashiCorp's Vault Go binary is a whopping 512Mb beast. Recently considered using its agent mode to grab secrets for applications in containers but the size of the layer it adds is unviably big. And they don't seem interested in making a split server/client binary either...

For that price? The bubble already popped for sure!

Nice! Soon enough they'll be forbidden to be outside during the day too, to avoid taking any risk crossing these "adults" thing probably.

Because so many children are going outside instead of wasting their life on TikTok Twitch etc.

The amount of human hours spent watching others play video games / gamble / creating parasocial relationships: https://twitchtracker.com/statistics/watch-time


Curfew laws are quite common, aren't they?

And cigarettes! What next, booze!?

Libertarianism really does hit a wall when it comes to kids, in so many ways, doesn't it?


Not really, we just say the parents are more attuned to their child than the national government. I love the dystopian argument that without age laws parents would be out buying cigarettes and booze.

This isn't an issue as these laws aren't about the kids anyway.


They surely don't have any kind of access to Let's Encrypt root certs whatsoever


You can't decrypt anything with Let's Encrypt root certs, you can issue your own certificates but it would be impossible to use those at any significant scale.

It's also worth considering that CT makes it extremely noisy to use such certificates to attack web browsers.


I'd bet they could absolutely proxy large parts of people and make use of these certs. I wonder how much CT logs are scrutinized, would these "rogue" certs be found easily because we can't find traces of them being generated by Let's Encrypt? Browsers check CRLs but are they checking CT logs to ensure the cert they're checking was logged?


They couldn't do that at scale without being detected, no. There are various people actively looking for this, and the existing tooling makes it easy to detect.

> Browsers check CRLs but are they checking CT logs to ensure the cert they're checking was logged?

Yes, all modern browsers require certificates to be in the CT logs in order for them to be accepted.

For example, we can easily pull up logs for gmail.com and see which certificates browsers would accept. https://api.certspotter.com/v1/issuances?domain=gmail.com&ex...


Arriving first (ye ye Lotus 1-2-3 existed we know) and early extreme lobbyism sure stands strong.


You acknowledge your first argument is invalid, handwave that away and then your whole idea of Microsoft's office suite's dominance is "lobbyism"?

Good lord.


Do you get direct connections or are you stuck with the backup relays?


My bank doesn't even allow me to have USB debugging enabled


That's exactly why I didn't want to trust this app with a Google account, it's mandatory to use it. SmartTube also requires permission to install applications for its updater feature so it's also possible if the attack was targeted for the malware to install another app to get persistence.


Although it's very unfortunate this happened, and it shows a lack of security practices, this could happen to any all developer. Compromising other apps you do install.

On my TV the app vanished and after some searching, it was disabled. I was kinda afraid Google had finally (ab)used its Play Services power to ban it. But luckily it was because the developer marked it as compromised. All in all impact was minimised this way.

I doubt your statement about requiring a Google account to be connected, as you can also import subscriptions instead of granting access to your account.


> it's mandatory to use it

I've been using it for years and I've never had to sign in.

