Hacker News new | ask | show | jobs
by patrakov 1731 days ago
The app uses the same technology as some trojans: it connects to different pseudorandomly-generated domain names under Cloudflare protection, changing at least several times per day.
2 comments
maccard 1731 days ago
The client still needs to receive those domains somehow though, and that's the tricky bit. Unless the domains are unique per user, the blocker can just install the app and block the domains as they change.
link
vadfa 1731 days ago
You can embed the domains in the app, obfuscated. It's not foolproof but as long as they can't crack it in the few days that are left until the election...
link
aasasd 1731 days ago
Is there a name for this technique, or a thorough description of it somewhere? So that I could put it in my bookmarks & notes.
link
patrakov 1731 days ago
Domain Generating Algorithm.

https://blog.malwarebytes.com/security-world/2016/12/explain...

Although in this case, the generated domains are all under global.ssl.fastly.net and similar CDNs, not traditional TLDs.

link
aasasd 1731 days ago
Thanks!
link