You can always use pihole to mess with your local dns and resolve to a fake website that looks like your social media of choice and collect their password
Hmm good point… you would need the ca to sign off on it self signed doesn’t work… it’s just a file though right? Couldn’t you rip it from the real server?
lol, warned 2 guys I worked with not to use the starbucks free wifi or any free wifi. One of them had their bank info compromised, the other had their google compromised.
Or just not be a moron and put your credentials into a random device in some store
Who knows what is running on that device AND router.
Router doesn’t matter if the device is trusted and the service you’re using doesn’t have shite security, with things like HTTPS.
Forreal I will never use a mfers WiFi
I mean, we have https now. Also VPNs. Wouldnt this make most situations secure?
You can always use pihole to mess with your local dns and resolve to a fake website that looks like your social media of choice and collect their password
Only if the user ignores the “unsafe connection” warning in the browser, since you won’t have an SSL certificate for the domain
Hmm good point… you would need the ca to sign off on it self signed doesn’t work… it’s just a file though right? Couldn’t you rip it from the real server?
lol, warned 2 guys I worked with not to use the starbucks free wifi or any free wifi. One of them had their bank info compromised, the other had their google compromised.
VPN ffs
At the time, when I warned against it, I was told that I was too paranoid. Guess I wasn’t as paranoid as they thought
This is the way.