I get that the installer dropped the app cert, but how did the MITM’d download server pass TLS cert validation? Either they weren’t validating (why???) or they weren’t using HTTPS (why???)
I get that the installer dropped the app cert, but how did the MITM’d download server pass TLS cert validation? Either they weren’t validating (why???) or they weren’t using HTTPS (why???)