Mastodawn

Love to see that Virgin UK/O2 have blacklisted "http://detectportal.firefox.com/canonical.html" (the URL Ffox uses to invoke a captive portal, such as the ones you have to clear in order to use public hotspots with Virgin as a provider). Also nice to see that they've copyrighted the error page.

Show thread

Duncan Murray Mar 26

@pluralistic I think I changed my DNS server on Virgin because of these kind of issues. Also, you have reminded me when we were on Vodafone broadband, I noticed a MITM attack on all websites - did you ever hear about this? Their customer support encouraged users to accept their certificate, but I first noticed it when firefox alerted to me that the cert did not belong to the domain.

Show thread

Duncan Murray

@pluralistic found the forum entry, which has since been taken down: https://web.archive.org/web/20170315031514/http://forum.vodafone.co.uk/t5/Pay-monthly-products-services/Website-security-certificate-coming-from-vodafone-content/td-p/2454980 maybe not such a big deal but it shows that these companies will lean on user ignorance to make their web experience insecure.

Website security certificate coming from vodafone content control even though it's off.

I'm using Vodafone home broadband and when i try to access the https version of imgur I get the following error from google chrome- Your connection is not private Attackers might be trying to steal your information from i.imgur.com when I go into the advanced info tab it tells me - This serv...