Cl-He-O

Results 2 comments of Cl-He-O

Adding DNS header

It would be better for sure. But I met difficulty in implementing it, the type of function won't match after adding a new parameter...

TLS / QUIC 不应被继续视为可靠的加密方式,以及针对 TLS in Shadowsocks/TLS 的复合式 MITM,最后对于 VLESS Encryption 的介绍 / TLS/QUIC should no longer be considered a reliable encryption method, and compound MITM attacks targeting TLS in Shadowsocks/TLS. Finally, an introduction to VLESS Encryption.

@RPRX 一点小的思考:如果攻击者有能力植入根证书,那整个设备都应被视为是不可信的。在这种情况下,攻击者当然也能修改设备上的客户端,从而 MITM 所有连接,我不认为针对 TLS 和其它协议的 MITM 有本质上的区别。 *A minor consideration: If an attacker can implant a root certificate, the entire device should be considered untrustworthy. In such a scenario,...