[187891] in North American Network Operators' Group
RE: Southwest Airlines captive portal
daemon@ATHENA.MIT.EDU (Frank Bulk)
Sat Feb 27 23:52:19 2016
X-Original-To: nanog@nanog.org
From: "Frank Bulk" <frnkblk@iname.com>
To: "'Paras Jha'" <paras@protrafsolutions.com>,
"Damien Burke" <damien@supremebytes.com>
In-Reply-To: <CAJayEpHNdi0Q-FruRN0-fxuL3LJcur3ZszUk_eF-jzskUS+7Jg@mail.gmail.com>
Date: Sat, 27 Feb 2016 22:45:38 -0600
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
I was MITMed, but not maliciously, but by Southwest Airline=E2=80=99s =
system (which uses Row44). The site doesn=E2=80=99t have to be pinned =
for a browser to throw up a warning about the SSL certificate not =
matching the URL.
=20
I did connect with an SWA employee.
=20
Frank
=20
From: Paras Jha [mailto:paras@protrafsolutions.com]=20
Sent: Saturday, February 27, 2016 5:09 PM
To: Damien Burke <damien@supremebytes.com>
Cc: Frank Bulk <frnkblk@iname.com>; nanog@nanog.org
Subject: Re: Southwest Airlines captive portal
=20
You got MITM'd
=20
On Sat, Feb 27, 2016 at 1:57 PM, Damien Burke <damien@supremebytes.com =
<mailto:damien@supremebytes.com> > wrote:
You should change your paypal password.
-----Original Message-----
From: NANOG [mailto:nanog-bounces@nanog.org =
<mailto:nanog-bounces@nanog.org> ] On Behalf Of Frank Bulk
Sent: Saturday, February 27, 2016 10:27 AM
To: nanog@nanog.org <mailto:nanog@nanog.org>=20
Subject: Southwest Airlines captive portal
Anyone from Southwest Airlines on this list?
On a recent flight I discovered I couldn't complete payment through =
PayPal because my web browsers properly noticed that the Southwest =
Airlines SSL certificate that the captive portal was giving for PayPal =
didn't match up.
=3D) I had to create an exception for PayPal just to complete payment.
Frank
=20
