Comment by lukevp

Comment by lukevp 10 months ago

4 replies

You can’t control anything if they do DNS over HTTPS to a hardcoded IP they control and cert pin so you can’t MITM the connection, can you?

Wingy 10 months ago

If the pinned cert is stored on some kind of ROM chip you could probably rewrite it to replace it with your own cert.

hiatus 10 months ago

You can at the very least block traffic to the hardcoded IP.

  • pkulak 10 months ago

    Sure, but then DNS breaks on the device and it's useless. Might as well just hit it with a hammer.