by phw 3930 days ago
We have a discussion on this in Section 5.6 of our paper: https://nymity.ch/active-probing/imc2015.pdf

By "hijacking" we mean that an entity in the network is "borrowing" IP addresses meant for Internet users for ~20 minutes of probing activity. That's not the same as IP spoofing, i.e., simply sending IP packets with a spoofed source address.

1 comments

> The key enhancement of these successor protocols is that they require the client, in its initial message, to prove knowledge of a server-specific secret (transmitted out of band)

This is a great idea. We can make a half-duplex bridge; users inside the GFW need access to at least two ISPs: one ISP for uplink, one ISP for downlink. Since the GFW can only observe traffic on the national border, not between internal domestic ISPs, it cannot establish the full state of the connection.

We call it triangular networking instead of a stateful peer-connected network.
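
An added illustration (not from the paper or from either commenter) of the idea in the quoted sentence: the client's first message carries an HMAC keyed with the out-of-band secret, and the server stays silent unless it verifies. The message layout, the 60-second time bucket, and the names `client_hello` and `Server` are assumptions, not any specific protocol's wire format.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16   # assumed layout: 16-byte nonce || 32-byte HMAC-SHA256 tag
TAG_LEN = 32
WINDOW = 60      # assumed time-bucket width in seconds


def _tag(secret: bytes, nonce: bytes, bucket: int) -> bytes:
    return hmac.new(secret, nonce + str(bucket).encode(), hashlib.sha256).digest()


def client_hello(secret: bytes, now: int) -> bytes:
    """Build the client's initial message, proving knowledge of the secret."""
    nonce = os.urandom(NONCE_LEN)
    return nonce + _tag(secret, nonce, now // WINDOW)


class Server:
    def __init__(self, secret: bytes):
        self.secret = secret
        # Nonces already accepted; a recorded first message cannot be replayed
        # by a prober. A long-running server would expire old entries.
        self.seen = set()

    def accept(self, msg: bytes, now: int) -> bool:
        """True: continue the handshake. False: send nothing back, so a
        prober without the secret sees the same silence for every input."""
        if len(msg) != NONCE_LEN + TAG_LEN:
            return False
        nonce, tag = msg[:NONCE_LEN], msg[NONCE_LEN:]
        if nonce in self.seen:
            return False
        # Tolerate one bucket of clock skew on either side.
        for bucket in (now // WINDOW + d for d in (-1, 0, 1)):
            # Constant-time comparison avoids leaking tag bytes via timing.
            if hmac.compare_digest(tag, _tag(self.secret, nonce, bucket)):
                self.seen.add(nonce)
                return True
        return False
```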