
> Even if you're worried about other people sniffing network traffic, the hostname you're visiting still gets revealed in plaintext during the SNI handshake

Many sites now support Encrypted Client Hello. This makes it possible to send the hostname after the connection has been encrypted. This is enabled by default on Cloudflare-hosted domains (when Cloudflare also manages DNS).


There was a report some years ago that found the IP address being connected to is often enough to identify the website being visited, even when using a CDN. I think you have to go to VPNs at a minimum, or Tor preferably. Tor doesn't help with correlation attacks from global passive/active adversaries though, or even folks with access to a lot of netflow data.
