Comment on Movie industry demands US law requiring ISPs to block piracy websites

<- View Parent
khorovodoved@lemm.ee ⁨7⁩ ⁨months⁩ ago

At first, please, be a little bit more patient and no, I am not a LLM.

All https traffic is https-encapsulated by definition. And you can look inside https just fine. The problem is that most of data is TLS-encripted. However, there is so-called “clienthello” that is not encripted and can be used to identity the resource you are trying to reach.

And if you are going to https-encapsulate it again (like some VPN a proxy protocols do) data will have TLS-encription on top of TLS-encription, which can be identified as well.

And about libraries: VPN protocol Openconnect, for example uses library gnutls (which almost no one else uses) instead of more common openssl. So in China it is blocked using dpi by this “marker”.

source
Sort:hotnewtop