by shakna 1644 days ago
The difference being, example.com is run by IANA [0] and guaranteed by them, whereas neverssl is just a kind-hearted soul, and may one day resolve to something else.

[0] https://www.iana.org/domains/reserved


That page says that example.com is registered by IANA. It makes no promises about it being plaintext HTTP only or even that HTTP service is available.
Only somewhat.

> 2. Application software SHOULD NOT recognize example names as special and SHOULD use example names as they would other domain names.

> 3. Name resolution APIs and libraries SHOULD NOT recognize example names as special and SHOULD NOT treat them differently. Name resolution APIs SHOULD send queries for example names to their configured caching DNS server(s).

> 6. DNS server operators SHOULD be aware that example names are reserved for use in documentation.

You are guaranteed to be able to try and resolve the domain, which should generally be enough for the crappy man-in-the-middle systems to work.

However, example.com should never suddenly start serving you a cryptominer, etc. Which is the larger concern.

> You are guaranteed to be able to try and resolve the domain, which should generally be enough for the crappy man-in-the-middle systems to work.

I have never seen any captive portal work at the DNS level though (and that by itself sounds problematic). They work at the HTTP level. So if one day example.com starts using HSTS then it will also be a problem, in addition to browsers nowadays defaulting to HTTPS, so you have to type http://example.com yourself.

neverssl.com guarantees all of that, at least as long as it's there.

> neverssl.com guarantees all of that, at least as long as it's there.

It didn't work for me when I tried to use it in the airport (DCA). I tried to get to the captive portal through Firefox and Vivaldi. It took a couple of restarts of my browser to manage to get to the captive portal. It is not guaranteed that it will work, as in my case.

Some of the captive portals I've run into do work at the DNS level, possibly tied to some other firewalling to prevent traffic leakage; I can't remember.

Those were pretty problematic, for all the reasons you're thinking... Better to use a hostname you're not hoping to actually use.

Yeah, but neverssl.com could expire and start serving porn (or whatever), but we can be pretty sure example.com won't.
The other difference being that neverssl.com does a bit more as it immediately redirects you to a unique subdomain, ensuring that any caching that your browser is trying is subverted.
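The probe logic this thread describes (a random subdomain to defeat caching, a plain-HTTP request, then a check of what actually answered), as an added example that is not neverssl.com's or IANA's code. The domain probe.example, the PROBE-OK marker and the sample responses are constructed assumptions.

```python
import secrets
from dataclasses import dataclass, field
from typing import Optional
from urllib.parse import urlsplit

# Assumed for this example: a plaintext-HTTP host you control and a marker
# its page always carries. Not neverssl.com's or IANA's code.
PROBE_DOMAIN = "probe.example"
EXPECTED_MARKER = "PROBE-OK"

@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""

def probe_url() -> str:
    # A fresh random subdomain defeats browser and proxy caches (what
    # neverssl's redirect achieves) and forces a real DNS lookup plus a
    # plain-HTTP request a portal can intercept. Keep it http://: an HTTPS
    # or HSTS host turns the interception into a TLS error instead.
    return f"http://{secrets.token_hex(8)}.{PROBE_DOMAIN}/"

def classify(resp: Optional[Response], probe_domain: str = PROBE_DOMAIN) -> str:
    """open | captive-redirect | captive-inject | unreachable."""
    if resp is None:
        return "unreachable"                 # DNS failure, timeout, refused
    if 300 <= resp.status < 400:
        target = urlsplit(resp.headers.get("Location", "")).hostname or ""
        if target == probe_domain or target.endswith("." + probe_domain):
            return "open"                    # the probe host's own redirect
        return "captive-redirect"            # sent to a portal login page
    if resp.status == 200 and EXPECTED_MARKER in resp.body:
        return "open"                        # the genuine probe page
    return "captive-inject"                  # foreign body, 511, 403, ...

# Constructed sample responses standing in for what a client would receive.
SAMPLES = {
    "open network":  Response(200, {}, "<html>PROBE-OK</html>"),
    "own redirect":  Response(302, {"Location": "http://4f2a.probe.example/"}),
    "portal 302":    Response(302, {"Location": "http://10.0.0.1/login?next=x"}),
    "portal inject": Response(200, {}, "<html>Welcome to Airport WiFi</html>"),
    "portal 511":    Response(511, {}, "Network Authentication Required"),
    "dns blocked":   None,
}

def run_samples() -> dict:
    return {name: classify(r) for name, r in SAMPLES.items()}
```

`run_samples()` returns the verdict for each constructed response; on a real network you would request `probe_url()` and pass the result to `classify()`.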

Sure, it might go away one day. Until it does, it’s the best solution to this problem.

I’ve had WiFi captive portals that somehow don’t redirect neverssl.com but do for other http/80 domains. Truly bewildering - I don’t understand how it could happen by mistake, nor why anyone would do that on purpose.