• diabetic_porcupine@lemmy.world
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      24 hours ago

      You can always use pihole to mess with your local dns and resolve to a fake website that looks like your social media of choice and collect their password

      • Anivia@feddit.org
        link
        fedilink
        arrow-up
        1
        ·
        13 hours ago

        Only if the user ignores the “unsafe connection” warning in the browser, since you won’t have an SSL certificate for the domain

        • diabetic_porcupine@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          7 hours ago

          Hmm good point… you would need the ca to sign off on it self signed doesn’t work… it’s just a file though right? Couldn’t you rip it from the real server?