mooltipass / minible

Github repository containing the firmwares running on the Mooltipass Mini BLE
GNU General Public License v3.0

Randomized pin entry #371

Closed michaelni closed 1 year ago

michaelni commented 1 year ago

The pin entry should start with a random value for each of the 4 values.

Currently it always starts at 0; this allows an attacker to count the clicks from the sound or from seeing the person's fingers even if the display is not visible. It also leaks information from the time taken to enter each digit.

limpkin commented 1 year ago

I must be missing something... but moolticute has an option allowing you to set a random starting pin...

michaelni commented 1 year ago

> I must be missing something... but moolticute has an option allowing you to set a random starting pin...

Indeed, sorry, I have missed that. I wonder why it's not default though. Thanks
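The click-counting argument from this issue, as an added C example that is not part of the thread or of the Mooltipass firmware: it counts how many PINs stay consistent with a set of observed click counts when every position starts at 0 versus at a hidden, uniformly random value. The 16-symbol alphabet, one-directional scrolling with wrap-around, the sample click counts and all function names are assumptions made for illustration.

```c
#include <stdio.h>

#define ALPHABET 16   /* assumption: 16 symbols per PIN position */
#define PIN_LEN  4    /* the issue speaks of 4 values */

/* Constructed sample: clicks an observer counted for each position. */
static const int SAMPLE_CLICKS[PIN_LEN] = {3, 12, 0, 7};

/* Clicks heard when the user scrolls upward from `start` to `digit`
 * (assumption: the wheel wraps around and is turned in one direction). */
static int clicks_needed(int start, int digit) {
    return (digit - start + ALPHABET) % ALPHABET;
}

/* Distinct digits consistent with an observed click count.
 * fixed_start >= 0: the observer knows the starting value.
 * fixed_start <  0: the start is hidden and uniformly random. */
static int candidates_for(int observed_clicks, int fixed_start) {
    int seen[ALPHABET] = {0};
    int count = 0;
    for (int start = 0; start < ALPHABET; start++) {
        if (fixed_start >= 0 && start != fixed_start)
            continue;
        for (int digit = 0; digit < ALPHABET; digit++) {
            if (clicks_needed(start, digit) == observed_clicks && !seen[digit]) {
                seen[digit] = 1;
                count++;
            }
        }
    }
    return count;
}

/* PINs the observer still has to consider after hearing all positions. */
static long pin_candidates(const int clicks[PIN_LEN], int fixed_start) {
    long total = 1;
    for (int i = 0; i < PIN_LEN; i++)
        total *= candidates_for(clicks[i], fixed_start);
    return total;
}

int main(void) {
    printf("start always 0: %ld candidate PIN(s)\n",
           pin_candidates(SAMPLE_CLICKS, 0));
    printf("random start  : %ld candidate PINs\n",
           pin_candidates(SAMPLE_CLICKS, -1));
    return 0;
}
```

The same reasoning covers the timing channel the issue mentions, since entry time per position tracks the number of clicks.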