|
|
|
|
|
|
by isostatic
2656 days ago
|
|
|
You're right. Many tech people today tend to be hostile about the sort of freedom and hacking that geeks used to have. There are ways around this - the detection seems to work by investigating what TLS ciphers are supported, and comparing with what the username should do. A MITM proxy could easily implement this. On the flip side cloudfare could easilly get false positives for people with non-default settings (which I suspect is measured in the <0.0001% range, so websites won't really care) These are the default firefox cipher settings on Firefox 65 http://imgur.com/fVvUBdUl.png And here's my desktop's current settings http://imgur.com/A72WA2hl.png (which disabled ciphers without and dh key exchange - I also block TLS 1.0) |
|
|
