Monday, May 4, 2015

AFNetworking, Certs & MITM

Though Apple's iOS AFNetworking vulnerability is several weeks old, I am reminded of the need for IT professionals to constantly be intellectually curious.  To clarify, it never hurts to stay current on crypto libraries & CA logistics even if these are outsourced.

Furthermore, it remains necessary for InfoSec/AppSec professionals to stay slightly paranoid about exploits via threat modelling, etc.  Years after, the industry is still challenged by MITM exploits/vulnerabilities.