Търсене в помощните статии

Избягвайте измамите при поддръжката. Никога няма да ви помолим да се обадите или изпратите SMS на телефонен номер или да споделите лична информация. Моля, докладвайте подозрителна активност на "Докладване за злоупотреба".

Научете повече

McDonald's WiFI login: The info on entered on this page will be sent over insecure channel

  • 6 отговора
  • 2 имат този проблем
  • 1 изглед
  • Последен отговор от FoxyFirey

more options

When I log in the the WiFi at McDonald's, get the login page by first trying to a URL without HTTPS, e.g., http://www.google.ca. I'm guessing that the access point intercepts this and sends to the an HTTP login page. I get a button to "Connect", which I press, but then Firefox presents me with the warning that the info entered on the page will be sent over an insecure channel.

I *assumed* that *only* the clicking of the "Connect" button will be sent. I don't know exactly how it all works, but I assume that at some point, some kind of key info is needed to use the access point, and that any subsequent https links I establish with, say, gmail, will be an added layer of encryption on top of that. Consequently, I assume that I don't have to worry about the message. Is this a somewhat reasonable way of understanding the due diligence required, if not the security schemes themselves?

When I log in the the WiFi at McDonald's, get the login page by first trying to a URL without HTTPS, e.g., http://www.google.ca. I'm guessing that the access point intercepts this and sends to the an HTTP login page. I get a button to "Connect", which I press, but then Firefox presents me with the warning that the info entered on the page will be sent over an insecure channel. I *assumed* that *only* the clicking of the "Connect" button will be sent. I don't know exactly how it all works, but I assume that at some point, some kind of key info is needed to use the access point, and that any subsequent https links I establish with, say, gmail, will be an added layer of encryption on top of that. Consequently, I assume that I don't have to worry about the message. Is this a somewhat reasonable way of understanding the due diligence required, if not the security schemes themselves?

Всички отговори (6)

more options

Yes, this is a new security feature that warns you if there is a password field on an open HTTP page. In Firefox 52 a doorhanger will open if you type in the name or password field on such a HTTP page. You can proceed on your own risk and possibly try if you can change HTTP to HTTPS in the location/address bar.

more options

As far as I know, there was no password field on that page. You only click the button to Connect. My question was whether I can trust that subsequent https links can be trusted. Like I said, I'm not a security guy, but I've read of man-in-middle attacks. Not sure if this would open one up for that. I don't want to compromise by gmail account (or any other account, for that matter).

more options

Sometimes on web pages, the user/password are hidden until the user chooses to login.

more options

Understood. However, this is a McDonald's WiFi login. The user never supplies a username and/or password. There is just a single button to connect.

more options

Many site issues can be caused by corrupt cookies or cache.

  • Clear the Cache and
  • Remove Cookies
    Warning ! ! This will log you out of sites you're logged in to.

Type about:preferences<Enter> in the address bar.

  • Cookies; Select Privacy. Under History, select Firefox will Use Custom Settings. Press the button on the right side called Show Cookies. Use the search bar to look for the site. Note; There may be more than one entry. Remove All of them.
  • Cache; Select Advanced > Network. Across from Cached Web Content, Press Clear Now.

If there is still a problem, Start Firefox in Safe Mode {web link} A small dialog should appear. Click Start In Safe Mode (not Refresh). While you are in safe mode;

Type about:preferences#advanced<Enter> in the address bar.

Under Advanced, Select General. Look for and turn off Use Hardware Acceleration.

Poke around safe websites. Are there any problems?

Then restart.

more options

Thanks, FredMcD. I will save your instructions on the computer of interest because at the time I experience the problem, I won't have access to it without getting past the WiFi issue.