blocking of secure traffic

Biob · yesterday

Anyone else notice over the last few months that encrypted traffic to site/Vpn seems to be blocked when using the three network? Looked like it was trying to downgrade the connection to a insecure method.

It felt like a poorly implemented man in the middle attack. Seems to have improved since three’s last network outage.

Browser reporting the SSL certificate s don’t match for well known sites. Switched to WiFi and no problem.

is there something three needs to disclose to it’s customers? Looking online, I don’t believe I’m the only one experiencing this.

jr0 · 7 hours ago

red pill or blue pill?
I think Three employees have far bigger concerns and work to be done than trying to gather/spy/manipulate/.. what their costumers are doing. I think they don't have any interest on this sort of thing, as the likes of FB, G, open Ai,...
If they do, their priorities are a tiny bit messed up.

Now some people here have complained about not being able to connect to some VPN and gaming services and that was because of IPv6 APN. Have you looked into your router config? Although what you are reporting about SSL certificates, imo, doesn't make any sense so yeah I never ever experienced such on Three or EE or Vodafone.

Biob · 4 hours ago

And it’s not like three haven’t been compromised in the past, is it?

It just look suspicious when your connection to you mobile phone operator appears compromised. They are in control of that, unlike WiFi.

Biob · 4 hours ago

Who said anything about three employees?
The SSL issue I have seen was with big companies like Amazon, bank etc… high value sites. If like me your phone spends most of the time connected to wifi, you might not see it, it’s when it’s connected direct to their network.
Not had an issue since the last time they had problems I.e. not being able to call, no 999.

If you check the community properly, others have experienced this. Search google, DuckDuckGo , others have experienced.

jr0 · 9 minutes ago

let me see if I'm understanding you correctly: are you saying that Three is doing "man in the middle attacks" - your own words - when their costumers (like you and me) are using celluar data and are connecting to https websites and VPN services?

I did mention three employees because they are the one building, managing, running the network, and after the outage we all experiencied a few weeks ago and others before too, and also now with Vodafone in mix, I'm just thinking that the employees probably have bigger fish to fry.
To what gain would Three do what you are suggesting?