Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

@Poster and @Everyone: I just returned on July 1st from traveling through 8 different countries over a month's span, and AirBnB'd the whole trip. A fellow traveler also experienced the same tragic incident in Berlin. He came to the conclusion that he was logged in to the website via safari on an insecure network and was redirected to the fake site. Its a serious bummer but there was nothing he could do. The best and most secure way to use AirBnB is through their mobile app, not by login into their "site" on an insecure WiFi NetWork. Search through hosts and seriously read their reviews. I contacted everyone before hand and would not book unless I received a response.

@everyone: I returned from Barcelona three weeks ago. I rented a very nice apartment in the heart of the Gothic Quarter using AirBnB. As far as AirBnB being illegal, I don't think that is correct. I have many friends who have studied abroad and when they would leave Spain to go travel they would throw their apartment on AirBnB to make a couple bucks. Like with traveling anywhere, just be careful.



Does the AirBnB mobile app do certificate pinning? Will it error out on an SSL MITM attack?


The odds that some random WiFi was doing SSL MITM attacks to facilitate the type of scam mentioned in the original thread is near zero.

It is much much more likely it was another case of nearly identical domain name that the scammer owned and the person never noticed.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: