Comment by lukevp

Comment by lukevp a year ago

4 replies

View on Hacker News

You can’t control anything if they do DNS over HTTPS to a hardcoded IP they control and cert pin so you can’t MITM the connection, can you?

Wingy a year ago

If the pinned cert is stored on some kind of ROM chip you could probably rewrite it to replace it with your own cert.

Reply View 0 replies
hiatus a year ago

You can at the very least block traffic to the hardcoded IP.

Reply View 1 reply
  • pkulak a year ago

    Sure, but then DNS breaks on the device and it's useless. Might as well just hit it with a hammer.

    Reply View 0 replies