Dumb as hell local network security

bdoubleu

bdoubleu last edited by leocg

How on gods green earth did someone think was a good idea or even remotely intelligent to prevent people from accessing their own local network? I mean Really? You try and access your modem or router (192.168.1.1 or 192.168.0.1) or localhost and you get:

---

Your connection is not private
Attackers might be trying to steal your information from 192.168.0.1 (for example, passwords, messages, or credit cards).

NET::ERR_CERT_INVALID

The you add in the "Help me understand", that used to be "Advanced and let you bypass this insanity, but now you go absolutely nowhere?

WTF? I am not allowed to login to my router because some reject developer thought this was a genius plan to protect me from a bad SSL certificate???

At least in chrome you randomly type

thisisunsafe

anywhere on the page and it bypasses it, but why even that?
Let Me decide if I want to run my own network, don't prevent me permanently from accessing it.

Ideas to fix this stupid as hell implementation:

• Add back in the "advanced" link with the option to continue
• Let me set a flag to bypass this forever
• Add a toggle setting in the settings
• take similar ideas like this one, out back and burn them in a bonfire

100% absolute deal breaker for anyone with a need to access their own router or modem, which by my calculation is 99.9% of everyone.

Josuegrs

Josuegrs @bdoubleu last edited by

@bdoubleu Hello. I'm not getting this problem with Opera GX. I can connect to my router and cellphone via FTP. Which version are you using?

bdoubleu

bdoubleu last edited by leocg

@josuegrs Why are you reading this post if you don't have the problem?

Also, you are using FTP to get to your cell phone, on your local network???

This is a basic and complete failure on the developers part with the Opera browser.

As far as version, I keep it updated to the latest. So please just assume when reading this that it is the latest publicly available version. Currently Version:79.0.4143.50 (x86_64)
Update stream:Stable
System:macOS Version 11.6 (Build 20G165) 11.6.0 x86_64

I mean, for the most part I love Opera and I take a "Ton" of shit for using it or recommending it. I Always get people saying "Oh, you're one of Those people" and they scoff at me, but I typically defend Opera.

But this is completely insane. Whomever implemented this as a default with no way to bypass or turn it off should be fired. Not for doing bad work, but for just having a bad thought process.

It is Never acceptable to push out something and default everyone to it and not give a way to disable it, bypass it or at minimum explain it in a defensible manner.

This is just dumb.

leocg

leocg Moderator Volunteer @bdoubleu last edited by

@bdoubleu said :

Why are you reading this post if you don't have the problem?

Because this is a public forum and anyone can read any topic and reply to it.
Also, replying to say that an issue can't be reproduced is part of the process of helping the person facing the problem to fix it. If that many people reply saying that they don't have the problem, then it may be being caused by some specific condition.

leocg

leocg Moderator Volunteer @bdoubleu last edited by

@bdoubleu If I just type the IP address of my router or printer, for example, I can connect to them without any issues.
if I manually add https:// in front of the address, I get a page with a message saying that my connection isn't secure but clicking on help me understand gives me an option to continue.

bdoubleu

bdoubleu @leocg last edited by bdoubleu

@leocg
Here is what users see when trying to get to localhost or a local I.P. address:

============
Your connection is not private
Attackers might be trying to steal your information from 192.168.0.1 (for example, passwords, messages, or credit cards).

NET::ERR_CERT_INVALID
Help me understand
192.168.0.1 normally uses encryption to protect your information. When Opera tried to connect to 192.168.0.1 this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be 192.168.0.1, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Opera stopped the connection before any data was exchanged.

You cannot visit 192.168.0.1 right now because the website sent scrambled credentials that Opera cannot process. Network errors and attacks are usually temporary, so this page will probably work later.

kopollo

kopollo @bdoubleu last edited by leocg

@bdoubleu How can credit card information be stolen from local ip addresses such as 192.168.1.l?

bdoubleu

bdoubleu @kopollo last edited by

@kopollo A virus can launch a mini website locally on local addresses, then send the signal out to various locations to collect info. But also, if you are infected, this particular "safeguard" isn't going to protect you anyway.