| ▲ | DarkmSparks 12 hours ago |
| How you know https is compromised... Access to this page is disabled
The law prohibits participation in games of chance organized by unauthorized persons through means of electronic communication. The authorized organizers of games of chance via means of electronic communication are the State Lottery of Serbia and persons authorized by the Ministry of Finance. |
|
| ▲ | heavyset_go 12 hours ago | parent [-] |
| You don't need to break TLS to do IP and domain blocking and redirection. That said, I'd assume governments have access to root certificates, anyway, but they're only broken out for big investigations or secret dragnet stuff we'll find out about in five decades, if ever. |
| |
| ▲ | toast0 11 hours ago | parent [-] | | You don't need to break TLS to do IP/domain blocking, but you can't redirect an https page unless you have an acceptable certificate. > but they're only broken out for big investigations or secret dragnet stuff we'll find out about in five decades, if ever. Certificate Transparency, where required, makes certificates unusable if they're not published... But that might not be enough information. | | |
| ▲ | vintermann 7 hours ago | parent | next [-] | | You certainly can, but you should get a big screaming "this site's certificate is not valid for dodgy-casino.games" warning. If not, then maybe your browser vendor has been pressured to add some root certificate controlled by the Serbian police, which it approves to issue certificates to impersonate dodgy-casino.games. | |
| ▲ | 10000truths 10 hours ago | parent | prev [-] | | This is a DNS hijack, not an HTTPS hijack. The ISP's resolver sees "casino.org" in the A/AAAA query, finds it in a blocklist, and responds with an IP address to a web server that serves a block page (or a CNAME thereto). | | |
|
|
