![]() What they're installing is a leaf certificate specifically for the domain. They don't now nor did they previously install a CA certificate. In particular, the certificate that Blizzard installs on the system is not a CA certificate. I hope it's OK to reply to a stickied comment, but there's so much misinformation below. The OP and many comments in the thread contain factual inaccuracies. To elaborate, there is no privacy or security issue. If this was installed in the Personal or Local Items/login keystore, it would be fine as-is. The Blizzard Agent process can intercept your network traffic, create a forged certificate to allow them to decrypt the traffic, and you will never know about it.Įdit: Comparing this cert (and the slightly different version on Windows), to other CAs, I think Blizzard just installed it in the wrong key store. In case you didn't know, a trusted root CA has the ability to create a certificate that is valid for any website or server and your computer won't warn you about it. The expiration day is December 19th, and since certificates are usually generated for a certain number of years, that means it was just created. I opened Keychain and looked in the System Roots, searched for Blizzard, and sure enough, here it is. I was immediately suspicious, so I checked Activity Monitor and noticed that the Agent process has open file handles to all the Keychain files, most notably to the System Roots Keychain, which holds all the trusted root CA certificates. Original post: While running the updater for HotS this morning I got a strange prompt that Agent wanted to make changes on my computer and needed my admin password. Technically it's incorrect to not set CA:false on this certificate, but in reality it should not allow forged certs in any major browser. ![]() In any case it's highly unlike that the OS APIs for certificates on Windows or macOS would allow a certificate to be valid if it was signed by this one. It appears the way to mark a certificate as trusted (for a particular site, not as a CA) may be slightly different on Windows. After extensive discussion, I don't think it's as big a deal as I initially thought. The private key should also be unique on each machine (again, I could be wrong).Įdit 3: I talked to Tavis Ormandy for a long time today. There is no escalation of privileges that I'm aware of, because Agent already gets admin privileges to install and (presumably) the private key requires Administrator/root to extract (although I could be wrong about that). 5Įdit 2: TO BE CLEAR THIS IS NOT A SECURITY PROBLEM. ZloyEugene TOP ILLIDAN EU (No) | INSANE SPEEDRUN 2 DIAMOND TO MASTER 43 KureGG (NEW !YT vid out) - EU GM SOLO Q it's beeeeeeeeeeeeg 110įanHOTS (RERUN) BRONZE TO GM RETURNS! GOING TO DOC OFFICE NEXT STREAM ON 8/31║ COMPREHENSIVE GRANDMASTER LEVEL HOTS GUIDES ON !Patreon ║ 8.27.23 66īahamutGaming NA Solo SL Heals | !CORSAIR | !Bid4 54 LiquidHasuObs □ stormleague □ !inhouse !youtube 678 ![]() To setup from PC, you can visit the Connections webpage.Blue Tracker ESPORTS CALENDAR ( LIQUIPEDIA) If you encounter errors while linking your accounts, follow the instructions on the Account Link Common Problems support article.Ĭheck out the Account Link support article for more information on how to merge your accounts. Double-check to make sure you are linking the correct account to your account. Once you merge a console account with a account, you will be unable to link to a different console account on the same platform. You will only have one opportunity to merge the correct account. Once complete, you will be prompted to confirm your account upon the next game login to merge your accounts.Enter the code displayed on your console to connect to or create your Blizzard Account.Follow the on-screen prompts to scan a QR Code on your mobile phone.Login to Overwatch from your console account.Here are the steps you can take to merge your console account to a account: ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |