Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I don't quite follow. You can't inject an RST packet unless you know someone is trying to connect to a Tor node, so you still need to supervise all the routes, right?


Difference is I can do traffic analysis and RST generation over lots of machines (if it gets slow, worst case my RST gets there late). Changing routes/forwarding table action has to happen on machine moving large data, in real time.


You can sniff the traffic out-of-band, possibly implement it on already existing spy/monitoring infrastructure.


And ignoring RST may work. In fact that method worked against earlier implementations of the great firewall of China.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: