Hacker News new | past | comments | ask | show | jobs | submit login

Does it mean that using SSL the normal way will become impossible? I can't imagine this. How this can be enforced?



1) The only TLS connections that are let through are all MITM'd.

2) Every other TCP/UDP flow is checked for conformance with plain-text protocols (like HTTP), or far worse, simply for the level of entropy in the data.

3) A threat of legal action is made against anyone caught using secure crypto.

Good luck beating that. The key here is that the "entropy detector" doesn't "really" need to work. It only needs to work well enough to scare people into submission.


Here steganography comes into play - very easily implementable in the form of webcam streams bugged with usable data.




Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: