diff options
| author | Linus Färnstrand <linus@mullvad.net> | 2025-07-09 09:15:44 +0200 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2025-07-10 13:08:12 +0200 |
| commit | 6e1fc31ed296610bd6f7b3b45d49154fa0f7dcf4 (patch) | |
| tree | 94d376c6e2cf4e63b987d03d54f39241670239a4 | |
| parent | 17243bd8149f8247ec9052425e56ed47e43d03ea (diff) | |
| download | mullvadvpn-6e1fc31ed296610bd6f7b3b45d49154fa0f7dcf4.tar.xz mullvadvpn-6e1fc31ed296610bd6f7b3b45d49154fa0f7dcf4.zip | |
Use `mullvad-update` instead of "loader" in a few places
| -rw-r--r-- | mullvad-update/threat-model.md | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/mullvad-update/threat-model.md b/mullvad-update/threat-model.md index 73838b5594..6dfed1180a 100644 --- a/mullvad-update/threat-model.md +++ b/mullvad-update/threat-model.md @@ -49,7 +49,7 @@ With the goal to … vulnerabilities * Serving files large enough to fill up the targets disk/ram -* Modify the downloaded installer on the client machine, tricking the loader/in-app upgrades +* Modify the downloaded installer on the client machine, tricking the `mullvad-update` mechanism to run a malicious installer with admin privileges. The result is that the attacker can escalate their foothold on the client machine from regular user to administrator. @@ -57,7 +57,7 @@ With the goal to … # Countermeasures Here are countermeasures we have identified against the above attackers which have been implemented -in the loader: +in `mullvad-update` and the loader/in-app upgrade mechanisms: * Attach a signature to the metadata, and verify it on the client before using it |