Proofreading fixes 0x05d part 3 #2413
Conversation
Typos, poor English
|
|
||
| - Check if the key attestation is totally implemented at the client-side. In such scenario, the same can be easily bypassed by tampering the application, method hooking, etc. | ||
| - Check if the key attestation is totally implemented on the client-side. In such scenario, the same can be easily bypassed by tampering the application, method hooking, etc. |
There was a problem hiding this comment.
What do you want to say here??
"In such scenario, the same can be easily bypassed by tampering the application, method hooking, etc."
There was a problem hiding this comment.
I agree that this is not clear at all. I would assume that whoever wow this was trying to say something like "it's important to check whether the key attestation is implemented entirely on the client side (i.e., within the application itself), because if it is, then it can be more easily bypassed by attackers". The recommendation would be to implement the server side counterpart as well.
There was a problem hiding this comment.
Thanks @cpholguera. Let's have a go at it then.
There was a problem hiding this comment.
Feel free to change it more. Maybe use some text from my comment. I feel the current version is still missing something :/
As per suggestion, to solve linting issue Co-authored-by: Carlos Holguera <perezholguera@gmail.com>
For understandability
Typos, poor English, links
Thank you for submitting a Pull Request to the OWASP MASTG. Please make sure that:
If your PR is related to an issue. Please end your PR test with the following line:
This PR closes #< insert number here >.