Security pros: If I run a fully patched OS, a fully patched browser, run HTTPS Everywhere set to “Block all unencrypted requests”, and run uBlock Origin, what are my practical risks when connecting to an unknown and possibly malicious wifi access point? (links welcome!)
-
-
Okay so that requires education, treat Wi-Fi login screen like a random website, never enter e.g. Facebook password even if it looks like FB? Relying on browser auto-fill helps. There was this attack, but only affected new devices on first wifi connection.https://dailydot.com/debug/macos-security-bug-blackhat/ …
-
Would be good if OS disallowed a captive portal to include a link to a CA certificate. They’re a little too easy to install, need loud and clear warning since they allow HTTPS intercept. To mitigate, browsers should pin certs or warn when they’ve changed?https://twitter.com/binitamshah/status/1043504147444781056?s=21 …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
