Discovering Backend Bottlenecks: Unlocking Peak Performance
https://performance.husseinnasser.com
The Encrypted Client Hello or ECH is a new RFC that encrypts the TLS client hello to hide sensitive information like the SNI. In this video I go through pros and cons of this new rfc.
0:00 Intro
2:00 SNI
4:00 Client Hello
8:40 Encrypted Client Hello
11:30 Inner Client Hello Encryption
18:00 Client-Facing Outer SNI
21:20 Decrypting Inner Client Hello
23:30 Disadvantages
26:00 Censorship vs Privacy ECH
https://blog.cloudflare.com/announcing-encrypted-client-hello/
https://chromestatus.com/feature/6196703843581952
-Hussein
Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon)
https://backend.husseinnasser.com
Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon)
https://network.husseinnasser.com
Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon)
https://database.husseinnasser.com
Follow me on Medium
https://medium.com/@hnasr/membership
Introduction to NGINX (link redirects to udemy with coupon)
https://nginx.husseinnasser.com
Python on the Backend (link redirects to udemy with coupon)
https://python.husseinnasser.com
Become a Member on YouTube
https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join
Buy me a coffee if you liked this
https://www.buymeacoffee.com/hnasr
Arabic Software Engineering Channel
https://www.youtube.com/channel/UChWZsjdoRvZ0T9QWZOD6UpA
๐ฅ Members Only Content
https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg
๐ญ Backend Engineering Videos in Order
https://backend.husseinnasser.com
๐พ Database Engineering Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2
๐๏ธListen to the Backend Engineering Podcast
https://husseinnasser.com/podcast
Gears and tools used on the Channel (affiliates)
๐ผ๏ธ Slides and Thumbnail Design
Canva
https://partner.canva.com/c/2766475/647168/10068
Stay Awesome,
Hussein
source
Great we enjoy it
Asked my packet sniffer about the latest SNI. Got a shrug and "it's complicated". Thanks ECH
apologies about the echo especially if your listening with air piece, replaced carpet in my home with vinyl and i think I need to sound treat the room.
How to make a 5-minute read turn into a 30-minute youtube video. Your content is dull and monotonous, you don't add anything to the original article
This should be part of http protocol
But I don't think governments will let it be a reality
Irans GFW(DPI) Iis using SNI filtering on cloudflare to stop proxys on CF CDN.
Question, why wouldn't the ISP upon seeing the packet with the double client hello just automatically return a server hello with their own crypto info so as to create a fully proxy. At that point wouldn't they be able to see the eSNI that the sender is trying protect?
Can you do a video on how to design databases (relational db) on a microservice contest?
You may not know, but some IPs are using dns:53 requests to offer ADs or selling such information about particular user. Yes it seems complicated, but it has sense ๐ you just decrease your footprint and overall sniffing over you. Privacy is a very important thing today, and even look for some countries where privacy is an exotic thing to achieve ๐
Awaome explanation. I agree. Seems too complicated.
"I've got nothing to hide" is a pretty naive way of looking at these things.
I disagree it is overkill. This is a quantum leap for privacy is adopted on par with TOR
Absolutely love your videos! But for the love of God make yourself louder somehow. I cannot hear you properly, unless I'm in a quiet place or using anc headphones.