PeterL[asciilifeform]: Where I work we just had a network update, we were told "be careful about your browsing, we now have the ability to see all your traffic. But nobody will be looking at it unless there is a problem." I wonder what pest traffic looks like to their monitoring software?
asciilifeform: PeterL: closest'd be traditional vpn, most likely
asciilifeform at one time wanted to specify 'packets can have random rng padding beyond 496 bytes -- but -- crucially - with no frag reassembly on receiver end, and only padded if peer aint answering the usual way' but already imho toomany movingparts
asciilifeform: ^ notionally, it ought not to be possible to write an ids rule against pest that won't nail dns & similar
asciilifeform: atm can, cuz the 496b thing.
asciilifeform: afaik 'no frag reasm, wait for 1st frag & discard any others, use only 1st 496b' would req os support
PeterL[asciilifeform]: wouldn't a traditional vpn have all the traffic going to one address, pest would look more like having n vpns where n is your number of nodes connected?
asciilifeform: PeterL: was thinking from packet snooper pov, but yea
