Programming icono/programming
2

H&R Block tax software installs a TLS root certificate with bundled private key

(news.ycombinator.com)

Submitted 3 hours ago by devlinks

1 commentsharesavehidereport
1

1 comment

Sort:
Add a comment...
tldr-bot1 point3 hours ago

H&R Block's tax software installs a TLS root certificate with an embedded private key, allowing attackers to intercept encrypted traffic on networks where the software is present. The company acknowledged awareness of the vulnerability through internal security assessments but has not implemented a fix, prompting security concerns about the software's trustworthiness.

sharesavefunnyreportreply
1
Programming cover
Programming icon

Programming

A community for programming content

3 subscribers

100% liked

Submitted by devlinks to Programming on 22 Mar 2026

Create post

Created by devlinks, 4 weeks ago

Related posts
Thoughts on OpenAI acquiring Astral and uv/ruff/ty
Thoughts on OpenAI acquiring Astral and uv/ruff/ty
1 point · 1 comment · 3 hours ago
Ubuntu 26.04 Ends 46 Years of Silent sudo Passwords
Ubuntu 26.04 Ends 46 Years of Silent sudo Passwords
1 point · 1 comment · 3 hours ago
Related UI elements should not appear unrelated
Related UI elements should not appear unrelated
1 point · 1 comment · 1 day ago
I'm OK being left behind, thanks
I'm OK being left behind, thanks
7 points · 1 comment · 1 day ago
Android developer verification: Balancing openness and choice with safety
Android developer verification: Balancing openness and choice with safety
5 points · 0 comments · 1 day ago