reminder - eviltoast
  • FooBarrington@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    2
    ·
    1 year ago

    That’s actually a good point! Random data is unlikely since it would be noticable due to differences in size of the compressed traffic (random data doesn’t compress), but fake data would not be distinguishable from just looking at traffic.

    Luckily there are still things you can do, like analyzing the firmware itself (especially when you can inject your MitM proxy cert). It has been done before, and it’s reasonable to assume such a technique would have been found by security researchers by now.