Security pros: If I run a fully patched OS, a fully patched browser, run HTTPS Everywhere set to “Block all unencrypted requests”, and run uBlock Origin, what are my practical risks when connecting to an unknown and possibly malicious wifi access point? (links welcome!)
-
Not trying to derail your thread, but staying ahead of patching third-party programs (especially those without automatic-updates) is an impossible task, even for security pros. A "fully patched" OS assumes everything above the OS layer is also patched
Hey Bob, the scenario you outlined limits most risks I can think of, however, the macOS captive portal pop-up is always a point of concern for me. It loads untrusted content under direct control of the (malicious) router into a vanilla Safari frame.
-
-
Great point. Any links we should read up on?
-
No, not really, that risk is fully explained by my short description above. You're forced to browse to a website under control of the malicious party in Safari. I'm not sure if the seatbelt policy is identical between captive portal vs normal Safari.
- 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.