Southwest Airlines captive portal

Anyone from Southwest Airlines on this list?

On a recent flight I discovered I couldn't complete payment through PayPal
because my web browsers properly noticed that the Southwest Airlines SSL
certificate that the captive portal was giving for PayPal didn't match up.
=) I had to create an exception for PayPal just to complete payment.

Frank

You should change your PayPal password.

You got MITM'd

I think it is PayPal you should be contacting instead.

PayPal User Agreement requires that you maintain adequate security of
your account credentials, and immediately notify PayPal that your
password has been compromised.

https://www.paypal.com/webapps/mpp/ua/useragreement-full

1.6 Password Security and Keeping Your Email and Address Current. You are responsible for maintaining adequate security and control of any and all IDs, passwords, personal identification numbers (PINs), or any other codes that you use to access the Services.

...

12.2 Notification Requirements.

    You should immediately notify PayPal if you believe:
        there has been an unauthorized transaction or unauthorized access to your Account;
        there is an error in your Account Profile or activity or transaction confirmation sent to you by email;
        your password or PIN has been compromised;

...

C.

Likely. Let Southwest know, and as others have said, change your password. Hopefully it was unique to PayPal.

-Pete

Perhaps not a captive portal but a TLS accelerator that is sometimes used
in satellite connections, that does act as MITM like corporate security
products but with a performance focus.

Since many commonly used web properties are moving to HSTS + HPKP + CT it
will become increasingly difficult to balance performance and security in
high latency connections, but when it comes to a payment gateway, that
airline should probably turn off acceleration for paypal.com and 3-D Secure
bank pages.

Rubens

in theory

I suspected I was almost MITM'd once. I notified them immediately
and got a standard blurb about keeping my antivirus software up to date...

Marcin

PayPal's certificate is not pinned in Chrome/Firefox. IMO a hard error
is desirable in this kind of scenario.
https://src.chromium.org/viewvc/chrome/trunk/src/net/http/transport_security_state_static.json?view=markup
https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning#New_sites_pinned_in_Firefox_32

FWIW Southwest uses Row 44 (GEE Media) for inflight wifi.
http://www.geemedia.com/products/connectivity

I was MITMed, but not maliciously, but by Southwest Airlines’ system (which uses Row 44). The site doesn’t have to be pinned for a browser to throw up a warning about the SSL certificate not matching the URL.

I did connect with an SWA employee.

Frank
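
Added example, not part of the thread: a simplified model of the two checks discussed above, showing that a name mismatch produces a warning without any pinning, while pinning is what catches an interception certificate that carries the right name. The certificate dictionaries, the `portal.inflight.example` name and the SPKI byte strings are constructed placeholders, not real certificates or keys.

```python
import base64
import hashlib

def hostname_matches(hostname, san_dns_names):
    """RFC 6125-style match: exact name, or one leftmost '*' label."""
    host = hostname.lower().rstrip(".").split(".")
    for pattern in san_dns_names:
        pat = pattern.lower().rstrip(".").split(".")
        if len(pat) != len(host):
            continue  # a wildcard never spans more than one label
        if pat[0] == "*" and len(pat) > 2:
            if pat[1:] == host[1:]:
                return True
        elif pat == host:
            return True
    return False

def spki_pin(spki_der):
    """Pin value in the HPKP style: base64(SHA-256(SubjectPublicKeyInfo))."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode()

def evaluate(hostname, cert, pins):
    """Return the outcome a client would reach for this constructed cert."""
    if not cert["chain_trusted"]:
        return "warning: untrusted issuer"
    if not hostname_matches(hostname, cert["san"]):
        return "warning: name mismatch"   # user can click through
    expected = pins.get(hostname)
    if expected is not None and spki_pin(cert["spki"]) not in expected:
        return "hard fail: pin mismatch"  # no click-through offered
    return "ok"

# Constructed sample certificates (placeholder bytes, not real keys).
GENUINE = {"san": ["www.paypal.com", "paypal.com"],
           "spki": b"constructed-genuine-spki", "chain_trusted": True}
PORTAL = {"san": ["portal.inflight.example"],
          "spki": b"constructed-portal-spki", "chain_trusted": True}
# Interception cert with the right name from a CA the client trusts.
INTERCEPT = {"san": ["www.paypal.com"],
             "spki": b"constructed-intercept-spki", "chain_trusted": True}

NO_PINS = {}
PINNED = {"www.paypal.com": {spki_pin(GENUINE["spki"])}}

if __name__ == "__main__":
    for name, cert in (("genuine", GENUINE), ("portal", PORTAL),
                       ("intercept", INTERCEPT)):
        print(name, "| unpinned:", evaluate("www.paypal.com", cert, NO_PINS),
              "| pinned:", evaluate("www.paypal.com", cert, PINNED))
```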