09/27/2017 (Wed) 12:36:26
>FinFisher spyware masqueraded as an executable file named “Threema”. Such a file could be used to target privacy-concerned users, as the legitimate Threema application provides secure instant messaging with end-to-end encryption. Ironically, getting tricked into downloading and running the infected file would result in the privacy-seeking user being spied upon.
ha ha ha oh wow
Privacy concerned users don't use proprietary crap that cooperates with foreign oppressive regimes upon phone call.
ISP can't mitm you without bribing a legit certificate for most download sites. It only occurs in rare situations when CIA niggers do targeted attacks on users, because widespread attack would immediately result in banning this CA from all browsers on next update.
And if you happen to download exe files through plain http without verifying signatures obtained through reliable third party, well shit on yee.
>The 307 response from the Web server should always include an alternative URL to which redirection should occur. If it does, a Web browser will immediately retry the alternative URL. So you never actually see a 307 error in a Web browser, unless perhaps you have a corrupt redirection chain e.g. URL A redirects to URL B which in turn redirects back to URL A. If your client is not a Web browser, it should behave in the same way as a Web browser i.e. immediately retry the alternative URL.
So, if your user is retarded enough download executables through insecure channel and not from developer's repository, then he is not qualified to use computer anyways.