On Sat, 22 Aug 2015 14:40:08 -0700
Kevin P Dyer wrote:
> Ah, gotcha. It's not RFC compliant. RFC2616 was created in 1999 and
> there are tons of HTTP-like implementations since then that,
> ostensibly, don't need to follow it. (e.g., an HTTP-like
> client/server that only talk to each other.) A n
On Sat, Aug 22, 2015 at 12:43 AM, Yawning Angel
wrote:
> On Fri, 21 Aug 2015 17:51:20 -0700
> Kevin P Dyer wrote:
>
> > On Wed, Aug 19, 2015 at 11:58 AM, Yawning Angel
> > wrote:
> >
> > > [snip]
> > >
> > > The FTE semantic attack they presented isn't the easiest one I know
> > > of (the GET r
On Fri, 21 Aug 2015 17:46:39 -0700
Kevin P Dyer wrote:
> > The authors suggest active probing to reduce false
>
> > positives, but don't mention that this doesn't work against obfs4
> > and
>
> > meek.
>
> I don't want to get too off track here, but do obfs4 and meek really
> resist against ac
On Fri, 21 Aug 2015 17:51:20 -0700
Kevin P Dyer wrote:
> On Wed, Aug 19, 2015 at 11:58 AM, Yawning Angel
> wrote:
>
> > [snip]
> >
> > The FTE semantic attack they presented isn't the easiest one I know
> > of (the GET request as defined by the regex is pathologically
> > malformed).
> >
>
> V
