I was MITMed, but not maliciously, but by Southwest Airline’s system (which uses Row44). The site doesn’t have to be pinned for a browser to throw up a warning about the SSL certificate not matching the URL. I did connect with an SWA employee. Frank From: Paras Jha [mailto:paras@protrafsolutions.com] Sent: Saturday, February 27, 2016 5:09 PM To: Damien Burke <damien@supremebytes.com> Cc: Frank Bulk <frnkblk@iname.com>; nanog@nanog.org Subject: Re: Southwest Airlines captive portal You got MITM'd On Sat, Feb 27, 2016 at 1:57 PM, Damien Burke <damien@supremebytes.com <mailto:damien@supremebytes.com> > wrote: You should change your paypal password. -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org <mailto:nanog-bounces@nanog.org> ] On Behalf Of Frank Bulk Sent: Saturday, February 27, 2016 10:27 AM To: nanog@nanog.org <mailto:nanog@nanog.org> Subject: Southwest Airlines captive portal Anyone from Southwest Airlines on this list? On a recent flight I discovered I couldn't complete payment through PayPal because my web browsers properly noticed that the Southwest Airlines SSL certificate that the captive portal was giving for PayPal didn't match up. =) I had to create an exception for PayPal just to complete payment. Frank