We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Using a VPN abroad when paying online?
Options
Comments
-
Yes, if using public WiFi, then paid VPN all the way.
Unlike the UK, in most other countries in europe, everywhere (cafes, bars/restuarants/etc) tend to have no password to their WiFi, so you can get internet almost anywhere without buying mobile internet.“I may not agree with you, but I will defend to the death your right to make an a** of yourself.”
<><><><><><><><><<><><><><><><><><><><><><> Don't forget to like and subscribe \/ \/ \/0 -
I thought that even with a MITM attack, the username and password would still be encrypted. The only way the https traffic can be decrypted is if the victims browser can be tricked into accepting a fake SSL certificate. With modern browsers and up to date software, doesn't the user have to manually accept such a certificate so has a chance to detect something's wrong?
This is all irrelevant, As I would be using SSL strip as part of my MITM attack.
If the user was using a vpn tunnel then all the traffic I could see would be garbage0 -
i recommend ibVPN if you hang around on their frontpage a while you might get a popup with a big discount, i get their top end vpn for under £40 a year.
I've it installed on my tablet, iphone, laptop etc.0 -
I have been using https://www.privateinternetaccess.com/ and can recommend them. Priced in US$ it's a good deal when you take into account the exchange rate at $39.95 a year. It also includes apps for installation onto mobile devices.Andyfr0
-
OP mentioned "taking a smartphone and a tablet".
So suggestions should be for VPNs suitable for these.
Apps like Hotspotshield come to mind, but I've no idea how much encryption you get.
With iPhones, installing one puts a 'profile' into your phone and everything gets diverted via the VPN servers. I think they are a bit difficult to turn of & on at will, so best un-install at the end of the holiday.0 -
Research carefully, VPN's are not all benign
http://www.theregister.co.uk/2015/06/10/hola_gets_holes_poked_in_client_lulzsec/0 -
Good morning.0
-
This is all irrelevant, As I would be using SSL strip as part of my MITM attack.
If the user was using a vpn tunnel then all the traffic I could see would be garbage
AFAIK, SSL Strip will not work against all-SSL sites, sites where the login link itself is SSL, or against a banking app. Something I'll bear in mind.0 -
AFAIK, SSL Strip will not work against all-SSL sites, sites where the login link itself is SSL, or against a banking app. Something I'll bear in mind.
Not the case.
SSL strip works by opening an https connection to the real site, but then serving an http version to the user. So all communication with the real server is using SSL0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.9K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.9K Work, Benefits & Business
- 598.7K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards