Comment by hiatus Comment by hiatus 3 days ago 4 replies Copy Link View on Hacker News Good thing you can still see the domain over the network if you control the network.
Copy Link lukevp 2 days ago Collapse Comment - You can’t control anything if they do DNS over HTTPS to a hardcoded IP they control and cert pin so you can’t MITM the connection, can you? Reply View | 3 replies Copy Link userbinator 2 days ago Parent Next Collapse Comment - That's what a firewall is for. Reply View | 0 replies Copy Link Wingy 2 days ago Parent Prev Next Collapse Comment - If the pinned cert is stored on some kind of ROM chip you could probably rewrite it to replace it with your own cert. Reply View | 0 replies Copy Link hiatus 2 days ago Parent Prev Collapse Comment - You can at the very least block traffic to the hardcoded IP. Reply View | 0 replies
Copy Link userbinator 2 days ago Parent Next Collapse Comment - That's what a firewall is for. Reply View | 0 replies
Copy Link Wingy 2 days ago Parent Prev Next Collapse Comment - If the pinned cert is stored on some kind of ROM chip you could probably rewrite it to replace it with your own cert. Reply View | 0 replies
Copy Link hiatus 2 days ago Parent Prev Collapse Comment - You can at the very least block traffic to the hardcoded IP. Reply View | 0 replies
You can’t control anything if they do DNS over HTTPS to a hardcoded IP they control and cert pin so you can’t MITM the connection, can you?