Hacker News new | past | comments | ask | show | jobs | submit login

> I want my firewall to inspect what the software is sending over the network and delete, randomize or nullify all data that isn't strictly necessary for it to perform the desired function. Like uBlock Origin but for the network stack.

You'll have to TLS man-in-the-middle yourself for this to be viable.




Absolutely. Interception is okay when we're the ones doing it. Software exists to serve us, it doesn't have the right to establish private communications with third parties against our wishes.

I've intercepted the traffic of many mobile apps to see what information they're sending. I hear developers are pinning certificates now. I can just replace the pinned certificate, right?


That's easy, since you have control over trusted CAs. And also, not true; it could be done in the TLS library.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: