368

"Boobs check" verify if sites behind CDN are hosted in Inside Iran or not (lemmus.org)

submitted 5 days ago* (last edited 5 days ago) by sundray@lemmus.org to c/mildlyinteresting@lemmy.world

32 comments fedilink hide all child comments

cross-posted from: https://lemmy.bestiver.se/post/770637

Comments

Nitter link: https://xcancel.com/hkashfi/status/1995109785679573167

you are viewing a single comment's thread
view the rest of the comments

[-] baltakatei@sopuli.xyz 12 points 5 days ago

Right? If it were an unencrypted HTTP GET request, then every router on the way would see the plaintext string boobs in the URL and therefore intercept it.

If I had to guess, Iran has so few landline connections that they man-in-the-middle every TLS connection they can by either forcing every server to hand over their private key files (difficult) or by forcing a certificate authority trusted by default Web browsers (there's a lot of them) to issue certificates for every top level domain they see in SNI data attached to encrypted packet headers; the latter method need not even require participation by Iranian servers, so long as the traffic is bottlenecked for man-in-the-middle attacks and outsiders don't question unusual certificate authorities being used.

this post was submitted on 01 Dec 2025

368 points (100.0% liked)

Mildly Interesting

23633 readers

43 users here now

This is for strictly mildly interesting material. If it's too interesting, it doesn't belong. If it's not interesting, it doesn't belong.

This is obviously an objective criteria, so the mods are always right. Or maybe mildly right? Ahh.. what do we know?

Just post some stuff and don't spam.

founded 2 years ago

MODERATORS

marcar@lemmy.world

WhatsHerBucket@lemmy.world

Jimbabwe@lemmy.ml

Zerlyna@lemmy.world