Say you’ve paid for inflight WiFi service which usually costs more than it should, the last thing you would expect for your inflight WiFi service provider to do is spoof you, right? Unfortunately that’s what Google engineer Adrienne Porter had recently discovered on her flight last Friday. According to Porter, she had subscribed to Gogo’s inflight WiFi service and discovered something fishy.The website she was visiting had a big red X over the padlock icon on the URL bar, which is usually a sign that something isn’t right. The page she was looking at was supposed to be protected by HTTPS but unfortunately it wasn’t. Upon closer inspection, Porter discovered that the certificate wasn’t signed by the website she was visiting (which was YouTube), but rather Gogo themselves while pretending to be Google.
In a statement released by Gogo, their intent was not malicious, but rather one of the methods they employ to limit/block streaming. “We have stated that we don’t support various streaming video sites and utilize several techniques to limit/block video streaming. One of the recent off-the-shelf solutions that we use proxies secure video traffic to block it.”
That being said while Gogo’s justification does make sense to a certain degree, it does leave the door open to be hijacked by a third-party to perform man-in-the-middle attacks where malware is injected into the user’s computer while browsing what they assume is a perfectly innocent website. In any case hopefully with the attention brought to this, Gogo will reconsider their practices in the future.
Filed in . Read more about Gogo.