> 3/ DoH breaks wifi redirect walls, making it tedious to enable/disable

Since this is a security-focused discussion, why do you see wifi hijacking your DNS lookups as something desirable?

Because there are a lot of situations, like being in a hotel, where you simply can't do anything to avoid it and have to live with it / work around it.

And while we all would like to live in that perfect ivory tower of CIA-level security, we mostly live in the real world and have to make do with what we have.

[deleted]

Wifi hijacking is here to stay.

The solution is to detect it happening, and then switch to a different 'mode' where you ignore all https certs but never send any private data and never trust any data received.

You have to use a client-side app firewall to prevent all traffic until you have acquired your session.

This is extremely difficult to do even for skilled people.

Android has the ability to isolate the network stacks for different apps/connections till you have cleared the wifi portal.

Often the wifi will not let you "out" until you've been through their landing page, and there's no other mechanism to do this other than hijacking DNS?