Comment by pkulak

Comment by pkulak a year ago

View on Hacker News

Yeah, if it was intentional, it would probably be a hard-coded, encrypted URL. Some devices are starting to do that to get around ad blocking.

hiatus a year ago

Good thing you can still see the domain over the network if you control the network.

Reply View 5 replies

lukevp a year ago

You can’t control anything if they do DNS over HTTPS to a hardcoded IP they control and cert pin so you can’t MITM the connection, can you?

Reply View | 4 replies
- userbinator a year ago
  
  That's what a firewall is for.
  
  Reply View | 0 replies
- Wingy a year ago
  
  If the pinned cert is stored on some kind of ROM chip you could probably rewrite it to replace it with your own cert.
  
  Reply View | 0 replies
- hiatus a year ago
  
  You can at the very least block traffic to the hardcoded IP.
  
  Reply View | 1 reply
  
  pkulak a year ago
  
  Sure, but then DNS breaks on the device and it's useless. Might as well just hit it with a hammer.
  
  Reply View | 0 replies