Comment by torginus
3 days ago
Sounds fishy, if the device allows this sort of fakery, that means the traffic is vulnerable to some sort of MITM attack by DNS poisoning/packet rerouting, which is somewhat disconcerting.
3 days ago
Sounds fishy, if the device allows this sort of fakery, that means the traffic is vulnerable to some sort of MITM attack by DNS poisoning/packet rerouting, which is somewhat disconcerting.
>that means the traffic is vulnerable to some sort of MITM attack by DNS poisoning/packet rerouting
Because it uses https? OP gets around this by manually injecting his certificate, but if you have physical access to a device it's generally considered to be game over in most threat models.
> if the device allows this sort of fakery, that means the traffic is vulnerable to some sort of MITM attack
No. This is a thermostat at your home. It forwards its DNS requests to your router. Feel free to establish whatever security protocols you need there. Or, even better, host your own server.