• delirious_owl
    link
    fedilink
    arrow-up
    10
    ·
    6 months ago

    This report is not about how operators of cloud-based IMEs read users’ keystrokes, which is a phenomenon that has already been extensively studied and documented. This report is primarily concerned with the issue of protecting this sensitive data from network eavesdroppers.

    So basically, even after these vulns are fixed, the attacker can just NSL the cloud providers and, boom, surveillance slurping continues.