This is awesome. A project to encrypt your data, and then reformat it to “look like” other data, like HTTP. Then deep packet inspection can’t recognize that it’s something else…like covert communication sneaking past the eyes of an oppressive regime…or, well, data being exfiltrated from a compromised corporate network.
More generally, we’re optimistic FTE has long-term
potential as a tool to enable users to control how their traffic is classified by passive DPI systems. As one example, over the last month, we’ve successfully tunneled Tor through the Great Firewall of China, using FTE to make our traffic “look like” HTTP.
Kind of proves my long-standing belief that you simply can’t catch well-executed exfiltration. If you’re okay going low and slow, you can make it look like *anything*.