navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
Open Discussions
My Threads
Create Thread

Forum Thread: PSI is not that secure

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:

This thread has been marked as locked.
C0nc3rn3d PSI is not that secure
Member 22nd Nov, 2013 22:59
Ranking: 0
Posts: 2
User Since: 13th Nov, 2013
System Score: N/A
Location: FR
Hey guys!

Sorry for the short message on that mogs quickly closed. He must have thought it was a joke. But it wasn't. Anyway, thanks for the Wikipedia lesson, bro.

PSI downloads executables on the domain. Open up Wireshark, and see that it's NOT using SSL. The FAQ is nice and all, but of what use is it if it provides incorrect information?

Try, just like PSI, to download However, the server does support SSL, but with an outdated certificate. This is not serious, for a security company.

The only reason I said it only *seems* to be susceptible to MitM is because you may use hash verifications. Or digital signature. Please tell me you do.
Anyway, even if you do, you are still sending plain-text requests about my softwares. For example, I don't want the guys at my uni to know what software I am using.

Have you heard of the LG Smart TV controversy? This seems pretty similar to me.

mogs RE: PSI is not that secure
Expert Contributor 23rd Nov, 2013 08:07
Score: 2265
Posts: 6,268
User Since: 22nd Apr 2009
System Score: 100%
Location: UK

Any thread automatically locks after seven days if there's no activity on it. If I'd have thought you were joking, it's likely I wouldn't have replied at all.
It seems to me that any fears you may have ,will only be allayed by an explanation from Secunia Support. If they do not pick up on a can always e mail


Was this reply relevant?

This thread has been marked as locked.

 Products Solutions Customers Partner Resources Company
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
Technology Partners
 About us

Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
Secunia © 2002-2015 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+