Comment by skrrtww

Comment by skrrtww 3 days ago

The title sort of implies this is intentional or privileged to Apple, while it rather seems more like just a bug.

I also wish people would post the FB numbers and the details of their report when they say they've reported things like this.

Reptur 3 days ago

Devil's advocate would say: They could do this and make it look like a bug that never gets fixed in order to avoid backlash. How it gets achieved is flexible if the goal is met.

Reply View 1 reply

kergonath 2 days ago

Why would they be afraid of backlash on such an obscure, technical feature? They never were in the past and are expected to take controversial technical decisions by now. And by “now”, I mean in the last 30-odd years.

Reply View | 0 replies

pkulak 3 days ago

Yeah, if it was intentional, it would probably be a hard-coded, encrypted URL. Some devices are starting to do that to get around ad blocking.

Reply View 5 replies

hiatus 3 days ago

Good thing you can still see the domain over the network if you control the network.

Reply View | 4 replies
- lukevp 2 days ago
  
  You can’t control anything if they do DNS over HTTPS to a hardcoded IP they control and cert pin so you can’t MITM the connection, can you?
  
  Reply View | 3 replies
  
  userbinator 2 days ago
  
  That's what a firewall is for.
  
  Reply View | 0 replies
  
  Wingy 2 days ago
  
  If the pinned cert is stored on some kind of ROM chip you could probably rewrite it to replace it with your own cert.
  
  Reply View | 0 replies
  
  hiatus 2 days ago
  
  You can at the very least block traffic to the hardcoded IP.
  
  Reply View | 0 replies