![]() ![]() There are a few other things that can go wrong, they can for instance not validate the certificate provided over TLS, effectively allowing MITM attacks to succeed, but that’s a different story altogether, so I won’t go there for now. This was important because if it didn’t, it meant it was sending medical information over plaintext. In my review of the iHealth glucometer I pointed out that I did indeed check if the app talked with the remote service over TLS or not.
0 Comments
Leave a Reply. |