• Aniki@feddit.org
    link
    fedilink
    arrow-up
    19
    arrow-down
    1
    ·
    3 天前

    best to always use incognito browser on public devices. when you close the browser, it logs you off automatically.

        • KubeRoot@discuss.tchncs.de
          link
          fedilink
          English
          arrow-up
          2
          ·
          2 天前

          Router doesn’t matter if the device is trusted and the service you’re using doesn’t have shite security, with things like HTTPS.

            • diabetic_porcupine@lemmy.world
              link
              fedilink
              arrow-up
              2
              arrow-down
              1
              ·
              2 天前

              You can always use pihole to mess with your local dns and resolve to a fake website that looks like your social media of choice and collect their password

              • Anivia@feddit.org
                link
                fedilink
                arrow-up
                1
                ·
                1 天前

                Only if the user ignores the “unsafe connection” warning in the browser, since you won’t have an SSL certificate for the domain

                • diabetic_porcupine@lemmy.world
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  1 天前

                  Hmm good point… you would need the ca to sign off on it self signed doesn’t work… it’s just a file though right? Couldn’t you rip it from the real server?

                  • Anivia@feddit.org
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    17 小时前

                    it’s just a file though right? Couldn’t you rip it from the real server?

                    No, that’s not how TLS works. The certificate is not exposed to the internet unless the admins of the webserver are extremely incompetent. That would defeat the entire purpose, not only could you impersonate the server, but the encryption would also be futile since anyone would have access to the private key.

          • lost_faith@lemmy.ca
            link
            fedilink
            arrow-up
            3
            ·
            2 天前

            lol, warned 2 guys I worked with not to use the starbucks free wifi or any free wifi. One of them had their bank info compromised, the other had their google compromised.