Hacker News

gzread today at 1:04 AM

> filtering those devices' network requests at the network gateway, or filtering one hop up onto the provider's infrastructure

These things are not possible with any reliability; we spent two decades encrypting everything.


Replies

sfRattan today at 2:41 AM

I'm not imagining filtering based on the path. Even with HTTPS, the hostname is visible before the handshake. And even when Encrypted Client Hello is widely implemented, it's also easy enough for network providers to drop any ECH packets from devices flagged as "for children" and signal to those devices that their handshake must reveal the hostname, at least to the router doing the filtering.