top | item 44960197

(no title)

tifkap | 6 months ago

This is most likely an attempt to connect to a webserver on your own device to collect data and/or do tracking.

Remember back in June when Facebook/meta got caught tracking users trough a webserver on Android phone thought Messenger and Instagram? Same thing.

See: https://news.ycombinator.com/item?id=44169115 and https://news.ycombinator.com/item?id=44175940

discuss

dannyw|6 months ago

Why do you say that’s most likely?

This is a common pattern for connecting to smart cards / hardware security devices. Probably a service or hardware that’s run on official CBP machines that should be disabled for prod, but forgot.

77pt77|6 months ago

This is by far the most likely reason.

I personally use pages that authenticate via a smartcard using this exact scheme.

There is a Java "plugin" that is nothing but a mini webserver that listens on a specific port and performs authentication.

darkwater|6 months ago

How are you so sure?