【震】三星手機系統級每分鐘偷連QQ及百度 三星DNS事件誤導用家？（3）

唔止港版，水貨機都係

香港冇

Ok 咁即係唔駛諗法例途經
佢淨係靠上訴已玩可以打殘individual

即係最新解決方法要做

設定Static Routes解決114
改SSID解決A query
然後再裝headuck隻PAC URL Service App解決B query

咁樣?

我係咁樣理解
呢個qq同hao123一樣咁難甩

push

https://www.intraway.com/blog/how-browser-identify-captive-portals

好多browser都有唔同ge captive portal detection.
例如:
Chrome:
http://<subdomain>.google.com/generate_204
Android:
http://connectivitycheck.android.com/generate_204
Windows:
http://www.msftncsi.com/ncsi.txt
iOS:
http://www.apple.com/library/test/success.html
Firefox:
唔支援captive portal detection(好波!)

全部都有個共通點,就係用未加密通訊同Man-in-the-middle attack先可以做到
所以Samsung如果證明到果D係captive portal detection, 我覺得真係冇問題, 因為好多device都係咁唔安全

IETF draft 緊呢份Captive Portal Architecture去保障返私隱

https://capport-wg.github.io/architecture/draft-ietf-capport-architecture.html
如果份DRAFT完左, 就係時候屌SAMSUNG

講問headuck 個PAC URL Service App 可以在邊度下載，去佢網站搵唔到嘅？

https://www.hkepc.com/forum/redirect.php?goto=findpost&ptid=2586830&pid=39865347
佢淨係hkepc講
headuck blog 應該會有 part 3跟進

呢個先係PAC檔

https://www.hkepc.com/forum/redirect.php?goto=findpost&ptid=2586830&pid=39864453

哇屌原來 Android 11 支援IETF Captive Portal draft
https://developer.android.com/about/versions/11/features/captive-portal

iOS 14 都支援IETF Captive Portal draft
https://developer.apple.com/news/?id=q78sq5rv

佢最錯係唔用係佢嘅domain去做呢樣嘢

qq嗰堆嘢同三星有咩關係先，可以用埋人哋server？同埋而家一分鐘一次會唔會太密？佢呢個寫法即係每分鐘都同qq嗰堆server報告機主玩緊電話

copy完個url去wifi setting就得?

我將佢下面粒制推去On, 個app就不停彈

而家就話發現呢堆code寫得衰，隨時呢啲code全個ROM周圍都有....

M31 明明水貨都中114.... 會唔會太癲

根本呢個係全球性問題

啱啱上samfrew發現港版Galaxy Tab S7 (Wi-Fi / LTE)都有新firmware update，有興趣可以做白老鼠睇下仲有冇114DNS

https://samfrew.com/fQ/m/aLL/r/TGY/o/aLL/b/b/d/d/

而家開左private dns就上唔到網