← Back to context

Comment by Titan2189

3 days ago

> I don’t get why headers and requests need to be spoofed if all traffic is over https?

https://en.wikipedia.org/wiki/Deep_packet_inspection

how are they looking inside the packet if it's encrypted?

  • DPI doesn't have to decrypt it to make certain guesses about its content. For example, timing information, packet sizes, routing info, etc could lead you to believe it's certain kinds of things (SSH, VPN, etc).