Note that if I can spoof an IP address, I can send you bogus DNS replies, and send you to a web server that impersonates Google/Facebook/etc. but does not require HTTPS (unless they use the strict security header). In this case you do not get a warning, just the absence of a tiny green icon.
I can't get a cert signed for facebook.com (at least not without very expensive bribes or other human factors engineering), but I could get one for faceboolc.com easily enough, and if you aren't looking closely that might fool the eye. It wouldn't catch everyone; anyone going direct to https://<site> would be warned as you suggest, but it could catch some out.
I've never set it up and was curious what others have done to make it as invisible as possible.
Startup idea! Make a tool that automatically tunnels your connection when you are on a public wifi. Make it open source and offer a hosted service. Also interesting if you are in a country which censors the internet. The dropbox of VPNs. For marketing you offer to write articles like this but less technical for magazines ("on Page 10 learn how easy it is for hackers to steal your facebook account and how you can protect yourself").
There may be similar bits available for Windows, but I haven't looked into it there in some time.
Add the option --proxy-server=127.0.0.1:3128 to your Chrome shortcut and that's it.
I know that I would be more likely to contact a site owner asking for https if it screamed at me every time it happened.
It's time to ditch http for all but rare use cases, because it's almost 2014.
I admit to having spoofed a Burger King public WiFi and replaced all img-tag sources with Goatse. Priceless reactions everywhere ;)
If you really wanted to take this to the evil next level, you'd just break one (or several) WPA keys on nearby APs and have your rogue injector AP act as both an open AP (to unsuspecting users) and a client (using cracked keys) to other APs, thus avoiding having to actually buy internet access for this spot. You'd essentially just need to find a place to hide and power your evil AP.
Of course, it also doubles as an IRC idler/whatever else you can think of.
SSH is done through key authentication and there's an OpenVPN server if the network I'm connecting through isn't too locked down.
Next trick is to do IP-over-DNS and I'll be all set where ever I am.
Now if only someone would come out with a USB3-capable board with dual-gigE (I don't mind if it can only push 500Mbit each port)
iodine[1] is a fairly easy way to set that up. I just made a tunnel.mydomain.tld subdomain, pointed the NS records at my VPS and ran "iodined 10.0.0.1 tunnel.mydomain.tld"
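Detection logic for the IP-over-DNS tunnelling described above, as an added example that is not from this thread or the iodine project: it scores resolver query logs per zone on the traits such tunnels leave behind (long, high-entropy, never-repeating subdomains under one zone, carried in record types like NULL and TXT). The log format, the sample lines and the thresholds are constructed assumptions.

```python
import math
from collections import defaultdict

# Constructed resolver log (not from the thread): "client qtype qname", one query per line.
SAMPLE_LOG = """\
10.1.1.7 A www.example.com
10.1.1.7 AAAA mail.example.com
10.1.1.9 NULL 0aa7bzk3q9rv4xlm2pwf8hdc.tunnel.mydomain.tld
10.1.1.9 NULL 1jq8xe2bvn5yt0cfr7wksmdl.tunnel.mydomain.tld
10.1.1.9 NULL 2ztlcm4gh6bdxq1ku9vp3ywn.tunnel.mydomain.tld
10.1.1.9 TXT 3rbn6w0dqfxhk5cs2vj8tplm.tunnel.mydomain.tld
10.1.1.7 A cdn.example.com
"""
# Record types DNS tunnels lean on for bulk payloads; ordinary clients rarely ask for them.
TUNNEL_QTYPES = {"NULL", "TXT", "CNAME", "MX", "SRV"}

def shannon_entropy(s: str) -> float:
    # Bits per character: encoded payload labels score far above real hostnames.
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())

def split_qname(qname: str):
    # Assumption: the last two labels are the zone (use the public suffix list in production).
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:]), ".".join(labels[:-2])

def analyze_dns_log(log_text: str, min_queries: int = 3) -> dict:
    # Per zone: long, high-entropy, never-repeated subdomains in rare record types => tunnel.
    per_zone = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines rather than crash on them
        _client, qtype, qname = parts
        zone, sub = split_qname(qname)
        per_zone[zone].append((qtype.upper(), sub))
    report = {}
    for zone, entries in per_zone.items():
        n = len(entries)
        avg_len = sum(len(sub) for _, sub in entries) / n
        avg_entropy = sum(shannon_entropy(sub) for _, sub in entries) / n
        rare_ratio = sum(qt in TUNNEL_QTYPES for qt, _ in entries) / n
        unique_ratio = len({sub for _, sub in entries}) / n
        suspicious = (n >= min_queries and avg_len >= 20 and avg_entropy >= 3.5
                      and rare_ratio >= 0.5 and unique_ratio >= 0.9)
        report[zone] = {"queries": n, "avg_len": round(avg_len, 1), "avg_entropy": round(avg_entropy, 2),
                        "rare_qtype_ratio": rare_ratio, "unique_ratio": unique_ratio, "suspicious": suspicious}
    return report
```

Run over a real resolver export the sample zone mydomain.tld is flagged while example.com is not; tune the thresholds against your own baseline before alerting on them.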
Really? So would you blindly copy-paste things into your shell? Then I don't need to hijack your connections, I just put malicious pastes on the website.
If you are enough of a moron to copy-paste the first thing you find, you are probably not reading the other users' warnings about "this answer is wrong".
How many people review the snippet, copy, paste it into a text editor, re-review it, copy it, and then paste it into their shell?
Still, since I've run GNU/Linux I have never pasted a command line from a website into my terminal. This is just reckless. Borderline case: I understand what the example is showing me and then I apply it.