![]() u/Live-Ad-5129, if you are using Bitwarden to fill in your passwords on HTTPS sites, I would have zero worry. ![]() Trusting my opinion- that’s where you screwed up. Two community members whose opinion I would trust on these types of matters are /u/spider-sec and /u/Eclipsan (pinging them here in case they wish the weigh in). Disabling "connect automatically" for all WiFi networks is definitely a good idea if you use public WiFi. I think a VPN may help in these scenarios, but I'm not 100% sure. ![]() Once your network traffic is routed through a malicious WiFi router, you become very vulnerable to different types of attacks. If a corporate device, the IT department can remotely configure your device to automatically accept the SSL decryption without displaying any warning.Īnother issue with public WiFi is that if you have enabled "connect automatically" for any of your WiFi networks, then you are vulnerable to attacks in which a threat actor runs their own WiFi hotspot that impersonates your existing networks (thereby getting your WiFi adapter to connect automatically). Were you using a personal device or a corporate-issued device? If a personal device, you should have received some kind of warning about SSL certificates not matching, a certificate issuer not being recognized, a certificate being expired, etc., if anybody was doing SSL decryption. That depends on your level of paranoia, and how much trust you have in the people who run the corporate network. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |