Posted: Wed Apr 18, 2018 19:54 Post subject: How unsafe is using unencrypted http connection?
Stupid question but what I mean by asking it is e.g.
1. Is http remote web access to dd-wrt router obscured in any way or is it just plaintext to an average Kali user?
2. Then, should we not have used any http website asking for credentials for a couple of years now since the security-aware awakening?
3. Shouldn't http remote access in ddwrt builds be banned at all, then?
I'm totally convinced by now You should NEVER expose http webserver with credentials input. What I'm curious though is if the wide web is already being constantly scanned at the unencrypted nodes in awaiting for those plaintext credentials being entered or rather it's still not state-sponsored to catch all no-ssl traffic.
Or of course the alphabet soup of 3 letter agencies.
That's the post-2013 reality I worry we may be living in. The ISPs fiber centers all tapped listening to the open traffic with automated credentials capture system.