top | item 41626584

(no title)

fabioyy | 1 year ago

unless you accepted an invalid https certified popup, its not possible, even on public wifi. or maybe you still type: http:// instead of https://, and then is easy to fake a dns response to point to a clone site

discuss

raxxorraxor|1 year ago

Ironically because MITM attacks for corporate security are that common, a lot of developer tools are configured to just ignore TLS checks instead of importing the correct root certificate.

In case of an unsecured WiFi connection this is of course much more dangerous even.

Appsmith|1 year ago

Wow! Didn’t know this!

I would’ve thought they would let devs handle it because if anything they’re more capable of these kinds of things (not counting myself ofc :-))

Appsmith|1 year ago

Thanks, that makes me feel a little better because I did use the https bookmark I had and didn’t type in the addr.

unknown|1 year ago

[deleted]

bugtodiffer|1 year ago

You're confidently wrong, dangerous :)