If you have ever wanted to use the wifi at a coffee shop or library, you have probably had to click through a screen to do it. This screen might have shown you the network’s Terms of Service and prompted you to click an “I agree” button.
These kinds of screens are called captive portals, and they interfere with wireless security without providing many user benefits.
Captive portals are to blame for a number of security issues, especially when it comes to HTTPS websites. HTTPS is meant to prevent traffic interception, alteration, and impersonation by a third party. But captive portals work by doing exactly that: they intercept and alter the connection between the user and the site they are trying to visit. On an unencrypted HTTP connection, the user would not even notice this. But for sites secured with HTTPS, the web browser detects something or someone hijacking the connection (similar to a man-in-the-middle attack). This causes “untrusted connection” warnings about fake certificates for websites that users otherwise expect to be safe.
Those copious unexplained “untrusted connection” warnings on a network with captive portals—essentially false-positive warnings about websites that are actually safe—can train users to adopt the dangerous habit of ignoring security warnings.