Tag
An open-source tool that uses proxy software HTTPS decryption to achieve global arbitrary location spoofing on iOS devices. Supports mainstream proxy platforms such as Shadowrocket/Surge/Loon/Quantumult X/Stash, no developer account or compilation required.
wloc is an open-source tool that allows iOS users to change their network location to anywhere in the world by selecting a point on the map with one click. It supports multiple proxy apps and requires no jailbreak.
The article argues that ignoring DNSSEC exposes users to man-in-the-middle attacks, using examples from email, Matrix, and XMPP, and draws a parallel to the historical resistance against HTTPS.
A researcher discovered a remote code execution vulnerability in AMD's AutoUpdate software due to insecure HTTP download links and lack of certificate validation. AMD initially dismissed it as out of scope but later agreed to issue a CVE and fix after public attention.