main_icn_My_Vodafone main_icn_Search main_icn_Chevron_right main_icn_Chevron_down main_icn_Close main_icn_Menu social-facebook social-google-plus social-linkedin social-twitter social-youtube main_icn_Community_or_Foundation main_icn_Location main_icn_Network_signal
Menu Toggle

Welcome to Vodafone Community

Pay monthly

Website security certificate coming from vodafone content control even though it's off.

3: Seeker
View more options
2: Seeker

Struggling with this myself, it’s only happened since I took out my new contract but it’s so annoying!!! How haven’t Vodafone sorted this yet it’s an actual joke!! Has anyone had it sorted if so how? Or has everyone been told to check the content bar is off and been messed about?!

View more options
Moderator

@Alb1993 We'll be more than happy to take a look into what's happening 
So we can take a closer look, I've sent you a private message with details on how to get in touch.

View more options
1: Seeker

Ignore the official Vodafone response which is nonsense. I posted a fix earlier in the thread. I think on page 7

View more options
2: Seeker

Going to try the DNS trick, but it shouldsn't be required just to browse the web.

Shoddy work from Vodafone, will start looking at other ISPs again.

View more options
2: Seeker

@Colleen

I haven't heard anything at all from Vodafone since your message in November 2017.

 

@ anyone interested...

Vodafone apparently don't give a ##~## that some people have noticed they are performing a MITM attack on all traffic going through their servers.

The "a team" I was told would be in touch back in October 2017 have done nothing since then...

The 'fix' posted in this forum does work, but it shouldn't be necessary!

View more options
3: Seeker

This is all pretty shoddy from vodafone.

 

They shouldn't be doing a MITM attack on your data, and they shouldn't be suggesting that we accept security exceptions for this.  The government doesn't seem to mandate it (though I wonder for how long given the cluelessness of Amber Rudd with regards to security and encryption) - so why don't vodafone fix it?

 

This thread dates back to 2015.  I'd be totally in support for it to be investigated.  Why don't vodafone have an FAQ on this?  Why won't they state publicly that the government have asked for this?  What is going on vodafone???

View more options
Moderator

@Brittfire @nickonline @dm319 - I understand your frustrations with this message being displayed. So that we can take your details and get it escalated, please send us your details by following the steps in this private message.

View more options
2: Seeker

This is impacting all of your users.

 

By design.

 

Requesting details of individual users on a web forum will not help you solve this issue.

 

Instead, stop spying on your users activity via a MiTM attack and invalid forged certificates.

View more options
2: Seeker

Add me to the list of people this is affecting. Can't believe it's gone unresolved for 2 years. I just took out vodafone broadband and am really disappointed to find them doing this, it raises concerns over the security of my personal data.

View more options
Moderator

@Mkecr So we can get our Broadband guys to take a look into this, please contact us by following the instructions in this private message.

View more options
2: Seeker

**DO NOT FOLLOW INSTRUCTIONS OF VODAFONE!!!**

 

They will tell you to add an exclusion to allow their hacked certificate to sign websites.

 

This should **NOT** be done.

 

You should **NEVER** add exclusions to your certificates for these reasons.

 

Them giving this advice is **DISGUSTING**.

 

Instead switch your DNS servers to Google 8.8.8.8 and 8.8.4.4

 

**NEVER** add an exclusion to your encryption certificates, this is a **Man-In-The-Middle ATTACK**.

 

View more options
3: Seeker

^^^ This guy is absolutely right. Do not install the certificate from Vodafone.

It means Vodafone will be able to intercept all your passwords, PIN numbers, personal information, banking details, credit card numbers and see everything you do online... So phone photos uploaded to iCloud, Google... Everything you post to Facebook/social media etc

View more options
2: Seeker

Another new Vodafone customer here. Last night we were getting some odd 'cannot find site' messages, even to google.com or bbc.com. I put this down to Vodafone having DNS performance/capacity problems and swithced right away to 8.8.8.8/8.8.4.4 for DNS on the router and that solved it.

I got the issue accessing imgur too over the weekend, but I just put it down to an outage of some sort on their end, as it has been a flakey site in the past.

This morning I search to see if this was a widespread problem or a recurring issue, and come on this thread.

I've got to say this is shocking behaviour from Vodafone. It is unsafe and underhand. It is certainly not a legal requirement. Not all ISPs do this, in fact quite the opposite.

Knowing this I would be cancelling my subscription right away IF it was not for the fact that they also managed to forget to ask plusnet to transfer my phone number. As soon as I either get my old number back, or else they tell me it's lost (12 day turnaround!), I'm leaving.

View more options
Moderator

We really wouldn't like to see you leave us @_llama_.

We'll be happy to raise the issues you're experiencing with your broadband with our dedicated team.
So we can do this, I've sent you a private message with details to get in touch. We'll then contact you to help you further.

View more options
2: Seeker

@Natasha

 

Please do not lie to your users. Please do not take them into a private room and feed them your companies version of events.

 

Your company is spying on their connections with this forged certificate. For unknown reasons as they are not legally required to.  THIS IS DISGUSTING BEHAVIOR FROM YOUR COMPANY. ABHORRENT!!

 

No amount of customer "support" will change this and none of it will make it your companies actions ethical.

 

 

You could choose to quit your job and instead work for a company which behaves ethically. This is your choice.

View more options