Xbox live certificate accidentally published.

Interesting...

 

In b4 eejits going all "omg live's borken!1!". That cert seems to be "only" for the website's https connection, no online (as in game) services are likely to be affected at all. Also note there's no Xboxen listed amongst the affected software.

 

the xbox one will probably auto update the Cert and that be the end of the attack.

 

LMAO, while its obviously not a big deal in terms of the potential damage, this is a key management failure on par with sony's ECDSA rng goof.
how the hell do you accidentally release the private keys for a certificate like that lmao

-doulomb

 

> auto update on xbone
Well, that's also true for the Windowses, and they did list those.

> how do you even...
Stupidity, plain and simple. Just look at all the private info on github. SSL keys, user credentials in versioned config files, hardcoded credentials in source code...