Comment by dylz

6 years ago

GFW has been all layer for a long time, including actively re-probing and connecting back to a server from random (really, virtually any CN IP space).

HTTPS is somewhat secure, but subject to MITM. Most Chinese forks of browsers ignore certificate errors and allow everything through.

2 comments

dylz

Reply
unicodepepper  6 years ago

Would I be safe from this type of MITM attack if my browser respects SSL warnings? (and I don't bypass them)

  • aaomidi  6 years ago

    Generally yes.

    But remember with SNI they know exactly what website you're visiting.