[bahorn]

While the authors of this definitely didn't handle this well, I'd argue it's a pretty severe weakness and the tool shouldn't have been released in this state. Active probing has been observed in the wild [1] and pretty much all tooling in the space handles it in their threat model [2], so its naive to not consider it.

I get why the signal team wanted something to use HTTPS, even networks with completely insane firewalls accept it and they get to reuse existing domain fronting code, but existing tools continues to viable in Iran and would have made much more sense in the circumstances.

[1] https://blog.torproject.org/learning-more-about-gfws-active-...

[2] https://github.com/Yawning/obfs4/blob/master/doc/obfs4-spec....