Accurate? Lets take the Wifi (Other users already commented the other ones). Open a wifi access point with the name of the restaurant, intercept the DNS requests and serve your filtered stuff.
PS: If the text is real and not trolling, the keyword in the text is 'rarely happen', which we could apply to car seatbelts then.
Then what? The user presumably sees TLS certificate warnings since you don't have valid certicates. HSTS would prevent downgrades to plain HTTP and is pretty common on sensitive websites.
Isn't the better advice to avoid clicking through certificate warnings? That applies both on and off open wifi networks.
There is a privacy concern, as DNS queries would leak. Enabling strict DoH helps (which is not the default browser setting).
drtgh|3 months ago
PS: If the text is real and not trolling, the keyword in the text is 'rarely happen', which we could apply to car seatbelts then.
8organicbits|3 months ago
Isn't the better advice to avoid clicking through certificate warnings? That applies both on and off open wifi networks.
There is a privacy concern, as DNS queries would leak. Enabling strict DoH helps (which is not the default browser setting).
johncoatesdev|3 months ago
quesera|3 months ago
How do you get from a malicious DNS response to a browser-validated TLS cert for the requested host?
jrjfjgkrj|3 months ago
you mean partial web pages?
most browsers use DNS over HTTPS