Comment by hiatus Comment by hiatus 10 months ago 5 replies Copy Link View on Hacker News Good thing you can still see the domain over the network if you control the network.
Copy Link lukevp 10 months ago Collapse Comment - You can’t control anything if they do DNS over HTTPS to a hardcoded IP they control and cert pin so you can’t MITM the connection, can you? Reply View | 4 replies Copy Link userbinator 10 months ago Parent Next Collapse Comment - That's what a firewall is for. Reply View | 0 replies Copy Link Wingy 10 months ago Parent Prev Next Collapse Comment - If the pinned cert is stored on some kind of ROM chip you could probably rewrite it to replace it with your own cert. Reply View | 0 replies Copy Link hiatus 10 months ago Parent Prev Collapse Comment - You can at the very least block traffic to the hardcoded IP. Reply View | 1 reply Copy Link pkulak 9 months ago Root Parent Collapse Comment - Sure, but then DNS breaks on the device and it's useless. Might as well just hit it with a hammer. Reply View | 0 replies
Copy Link userbinator 10 months ago Parent Next Collapse Comment - That's what a firewall is for. Reply View | 0 replies
Copy Link Wingy 10 months ago Parent Prev Next Collapse Comment - If the pinned cert is stored on some kind of ROM chip you could probably rewrite it to replace it with your own cert. Reply View | 0 replies
Copy Link hiatus 10 months ago Parent Prev Collapse Comment - You can at the very least block traffic to the hardcoded IP. Reply View | 1 reply Copy Link pkulak 9 months ago Root Parent Collapse Comment - Sure, but then DNS breaks on the device and it's useless. Might as well just hit it with a hammer. Reply View | 0 replies
Copy Link pkulak 9 months ago Root Parent Collapse Comment - Sure, but then DNS breaks on the device and it's useless. Might as well just hit it with a hammer. Reply View | 0 replies
You can’t control anything if they do DNS over HTTPS to a hardcoded IP they control and cert pin so you can’t MITM the connection, can you?