https://www.intraway.com/blog/how-browser-identify-captive-portals
好多browser都有唔同ge captive portal detection.
例如:
Chrome:
http://<subdomain>.google.com/generate_204
Android:
http://
connectivitycheck.android.com/generate_204
Windows:
http://
www.msftncsi.com/ncsi.txt
iOS:
http://
www.apple.com/library/test/success.html
Firefox:
唔支援captive portal detection(好波!
)
全部都有個共通點,就係用未加密通訊同Man-in-the-middle attack先可以做到
所以Samsung如果證明到果D係captive portal detection, 我覺得真係冇問題, 因為好多device都係咁唔安全
IETF draft 緊呢份Captive Portal Architecture去保障返私隱
https://capport-wg.github.io/architecture/draft-ietf-capport-architecture.html
如果份DRAFT完左, 就係時候屌SAMSUNG