• diabetic_porcupine@lemmy.world
    link
    fedilink
    arrow-up
    2
    arrow-down
    1
    ·
    22 hours ago

    You can always use pihole to mess with your local dns and resolve to a fake website that looks like your social media of choice and collect their password

    • Anivia@feddit.org
      link
      fedilink
      arrow-up
      1
      ·
      12 hours ago

      Only if the user ignores the “unsafe connection” warning in the browser, since you won’t have an SSL certificate for the domain

      • diabetic_porcupine@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        6 hours ago

        Hmm good point… you would need the ca to sign off on it self signed doesn’t work… it’s just a file though right? Couldn’t you rip it from the real server?