Phones
Mobile + Broadband
Unlimited
SIM only
Wearables
Mobile broadband
Deals
Broadband + Mobile
Support
Billing & payments
My products
Settings
Vodafone apps
Costs and charges
Support
Network
More
Welcome to Vodafone Community
December 2015 ' I’ve chased them for an update.'
April 2017 'I've chased this with our specialists'
I won't hold my breath
> have recently noticed this happens with my Mediafire Cloud storage subscription
That's very concerning. They are spying on your connection, to your private files.
I'm sorry this is taking longer than expected to resolve. Once we recieve an update from our specialist team, we'll be in touch.
Thanks
'I'm sorry this is taking longer than expected to resolve.'
I'm curious - back in 2015, when this was first brought up, how long was it expected to take?
@kovacs As soon as we have an update from our specialist team, we'll update the thread. :smileyhappy:
Why has it taken so long?
@kovacs wrote:Why has it taken so long?
There is nothing taking any time. You're just being given the run-around.
The government has asked them to hack your connection, give you invalid DNS responses and invalid certificates and insert a MiTM attack so they can censor your use.
The solution is to use Google's DNS servers:
8.8.8.8
8.8.4.4
Alternatively, stop using Vodafone.
Apologies for the delay @kovacs. Once we receive further information, we'll add this to the thread.
There is no further information you can add.
Your techs will not get back to you and say:
"It's now possible for us to MiTM these connections without serving invalid certificates"
This will never happen, what they've been asked to do is technically impossible, for very good security reasons.
The only solution is to not use your legislatively hacked DNS servers. While complaining to your legislative representatives.
'There is nothing taking any time. You're just being given the run-around.'
It's looking increasingly likely
They're asking the techs "Can you hack these connections without invalid certificates?"
The techs are saying "No, we can't, it's impossible, for very good reasons. That's what happens when you let politicians write software and control internet infrastructure".
@ChazzD wrote:
We're working on a solution with our vendor that will ensure that HTTPS traffic will work normally in the future.
We don't have an expected timescale for this at the moment. When we do have an update, we'll update this thread.
This will not happen, as it's technically impossible. There are very good reasons why you can't fake an encryption certificate and have it also be valid. If this were possible hackers could MiTM any connection without warnings being displayed.
Stop training your users to add certificate exceptions. You're training them to accept MiTM attacks.
The only solution is for Vodafone to fight IWF in court or customers to not use your DNS compromised servers.
It's absolutely abhorent that you are complicit in doing this.
I have manually switched to the Google DNS servers, which certainly provides a quick & simple solution for most people.
But, what an absolute train-wreck of a thread this is. Vodafone, you have ZERO credibility with these "Hmm.. that's odd.. maybe you should call tech support" and "We're looking into it, sorry it is taking longer than expected" nonsense. The thread has been running for some YEARS now. You're just making yourselves look like damn fools.
'But, what an absolute train-wreck of a thread this is. Vodafone, you have ZERO credibility with these "Hmm.. that's odd.. maybe you should call tech support" and "We're looking into it, sorry it is taking longer than expected" nonsense. The thread has been running for some YEARS now. You're just making yourselves look like damn fools.'
Couldn't agree more.
WHY AM I EVEN STILL WITH VIRGIN.
So back again on this thread, I honestly don't know why I'm even trying but hey look now Hotmail.com is blocked randomly... cool can't check emails 10/10 Virgin.
wut?
'I've chased this with our specialists and a member of the team will update this thread as soon as we hear back. '
2 weeks later......
Still haven't heard from them? Looks like they don't take you very seriously
Why is it taking so long?
You will not recieve an update from your techs as what is being asked for is technically impossible. For very good security reasons.
You can't simply serve invalid MiTM attack certs and expect them to work without adding exceptions to users browsers.
Best bet is to lobby government to stop hacking your users.
Concerning that hotmail is being eavesdropped on, indicates this is in fact a spy program and not a censorship program.
User | Thanks Count |
---|---|
2 | |
2 | |
1 | |
1 | |
1 |