Comment by brobinson
3 years ago
SNI isn't encrypted. They can see plaintext domain name of your https requests. Obviously, they can also see the IP you're connecting to. Maybe ECH will be rolled out at some point, and we can stop using SNI.
3 years ago
SNI isn't encrypted. They can see plaintext domain name of your https requests. Obviously, they can also see the IP you're connecting to. Maybe ECH will be rolled out at some point, and we can stop using SNI.
They knew the filename. May be a vulnerability in an external client app, not sure. Says it encrypts connections but must be leaking somehow.
Are you using torrents or something else?
If you downloaded a file over HTTPS, all they can see is the IP, domain name, and the amount of data transferred on a given connection.