• finn_der_mensch
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    4
    ·
    1 year ago

    When there isn’t any stored data to be sent, they could easily send fake/random data in requests though. So then it’s not detectable if data is stored and sent or not. How would you make up for that?

    • FooBarrington@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      2
      ·
      1 year ago

      That’s actually a good point! Random data is unlikely since it would be noticable due to differences in size of the compressed traffic (random data doesn’t compress), but fake data would not be distinguishable from just looking at traffic.

      Luckily there are still things you can do, like analyzing the firmware itself (especially when you can inject your MitM proxy cert). It has been done before, and it’s reasonable to assume such a technique would have been found by security researchers by now.