The problem / disconnect with that DPI is dead article is that corporations still want to use use, as they control their employees computers.
Hence I've recently been asked to implement a URL inspecting firewall, which implies a HTTPS intercepting MiTM proxy. They will probably require some exception list where things get passed through 'unmolested', but for a white listed sub-set of sites (say well known health, banking, etc).
The one thing which can break that is cert pinning, but then the corporations can simply mandate that apps requiring/using cert pinning not be used from the corporate machines.
There are some bumps in the techniques caused by HTTPS RRs, AltSvc and HTTP/3, but they will be worked around, at worst by forced downgrades.
The "they'll never no argument" carries no weight, as employers up front tend to inform their employees that the communications are monitored, hence giving the corporation legal cover.
That said, I do generally agree with the aim of that article, but changing the corporate mindset is a different (non technical) problem; it is all about providing the corporation with a colorable argument towards reducing their liability in certain scenarios.
Hence I've recently been asked to implement a URL inspecting firewall, which implies a HTTPS intercepting MiTM proxy. They will probably require some exception list where things get passed through 'unmolested', but for a white listed sub-set of sites (say well known health, banking, etc).
The one thing which can break that is cert pinning, but then the corporations can simply mandate that apps requiring/using cert pinning not be used from the corporate machines.
There are some bumps in the techniques caused by HTTPS RRs, AltSvc and HTTP/3, but they will be worked around, at worst by forced downgrades.
The "they'll never no argument" carries no weight, as employers up front tend to inform their employees that the communications are monitored, hence giving the corporation legal cover.
That said, I do generally agree with the aim of that article, but changing the corporate mindset is a different (non technical) problem; it is all about providing the corporation with a colorable argument towards reducing their liability in certain scenarios.