This is public, so the bug can be public. An alternative URL with a detailed description of how this works: https://github.com/samyk/poisontap I wonder if our http layer could detect the 'map all the internet to this 1 device' methods this is using, similar to our captive portal detection, or perhaps even at the network interface layer (not sure to what degree we're aware of this within netwerk/ ). Selena, are you the right person to forward this to others to look into?
Summary: poisontap; you may want to be aware of this pack of local browser attacks → Investigate remediations against poisontap (http hijacking, cookie stealing, etc. etc.)
NI -> wennie for review/prioritization.
Flags: needinfo?(sdeckelmann) → needinfo?(wleung)
Hi Dan, can you comment on this bug?
Flags: needinfo?(wleung) → needinfo?(dveditz)
The meta keyword is there, the bug doesn't depend on other bugs and there is no activity for 12 months. :wleung, maybe it's time to close this bug?
Summary: Investigate remediations against poisontap (http hijacking, cookie stealing, etc. etc.) → [meta] Investigate remediations against poisontap (http hijacking, cookie stealing, etc. etc.)
You need to log in before you can comment on or make changes to this bug.