HackerTrans
TopNewTrendsCommentsPastAskShowJobs

psquid

no profile record

comments

psquid
·hace 2 meses·discuss
The evidence that they didn't review it, is that a million line rewrite was merged 8 days after it began being written. It's simply not possible for a team that size to review that much code in that little time.

As far as testing - yes, they do have a test suite that it was checked against during the rewrite, but that still means that any behaviour that wasn't strictly tested for by that suite could have changed and it would still pass.
psquid
·hace 11 años·discuss
There's various ways:

Some rely on the device itself to enforce it, but that's obviously fragile if you can bring your own device.

Some check the TTL of your packets when they enter the carrier's network, because tethering is at least one more hop and so even if your computer's OS and phone's OS agree on what TTL starts at, the TTL will still be different than expected for your device's platform. Obviously this can still be mitigated by adjusting your TTL, but outside of software that'll handle this for them, that's already beyond a lot of customers.

Some even take the route of only checking HTTP traffic, and detecting tethering based on User-Agent, but I think a lot have abandoned that because it doesn't catch other protocols, and is easily bypassed even on HTTP.