JCpac

joined 1 year ago
sorted by: new top controversial old
Say (an encrypted) hello to a more private internet. in c/privacy@lemmy.ml
[–] JCpac@lemmy.today 1 points 11 months ago (1 children)

Is it because of the "Host" HTTP header? I always thought it was optional, since the IP address and port were handled by the network and transport layers respectively. Turns out it's required to resolve between different virtual hosts in the same server. Today I Remembered (TIR?) that virtual hosts are a thing...

Is there anything else that might indicate the domain name in the handshake connection?

Say (an encrypted) hello to a more private internet. in c/privacy@lemmy.ml
[–] JCpac@lemmy.today 10 points 11 months ago (6 children)

I don't get it... How does this protect anything? If we want our packets to reach a web server, we need to write the server's IP address on them. If a snooper has the IP, can't they just lookup the domain name from a DNS server? Or is that not a service DNS provides?

If the IP address is encrypted, how will the routers know where to send the packets? Only solution I can think of would be onion routing... Am I wrong??

[HN] Now it's PostgreSQL's turn to have a bogus CVE in c/technews@radiation.party
[–] JCpac@lemmy.today 1 points 1 year ago

This makes me wonder... If there really is someone automating these reports, how did they not forsee the potencial for reporting completely harmless commits? It's like this was caused by someone who just recently got into the world of software and scripting and thought they were good enough to help with the security for decades-old software.

Was it intentional and - if so - what would they benefit from this??