> mortified to show off a $10,000 watch, but excitedly tell you about their $100,000 kitchen remodel filled with 100-mile diet cookbooks and single-origin Japanese knives, or their 6-month work sabbatical they spent powerlifting. This is a group of people where a Subaru is a higher-status car than a Cadillac, but the highest status car is none.
You should sprinkle in a few other news sources because that’s not what is happening at all.
Iran also has further escalation paths it can take. So far, they have only been targeting US-affiliated targets in the Gulf. You can imagine what would happen if they decide to expand their target list. But I think this will only happen if GCC countries decide to participate.
Everything I've read suggests the US and Israel are stomping all over Iran, and have destroyed their air force, navy, and even anti-air defenses.
I know these news are necessarily biased (e.g. do we know for a fact the three F-15E Strike Eagles were really downed by Kuwaiti friendly fire and none were downed by Iran?), but the chance of credible news of Iran putting up any real resistance is very, very slim.
Iran has been sanctioned for decades. As a result, they do not have a modern airforce, navy, or even air defense systems. So it is completely unsurprising that USIS has complete air superiority. You can rest assured that Iran has planned for this.
Their entire defense strategy post-war (Iran-Iraq war) has been centered around ballistic missiles. More recently, they “pioneered” the use of kamikaze drones (Shahed) and included their use in their strategy. Note that they have aggressively optimized Shahed when it comes to cost, ease of manufacturing, and ease of launch. Shahed drones have seen extensive combat usage in the Ukraine war.
The other “hint” when it comes to Iran’s response is the increasing estimates by the US as to how long this “operation” will last. Initially, it was a few days. Now they are saying 4-5 weeks. Edit: Looks like it could up to 8 weeks..
Long story short, until we start to see significant degradation in launches - both missiles and drones - we simply cannot say that Iran has been defeated.
As far as news sources go, the easy recommendation is Al Jazeera. Twitter/X is also decent, but there is a ton of noise.
It is biased - interestingly less than expected on this topic because Iran is shelling them - but the idea is to read something to counteract Western bias. Asian outlets (non-Japanese) are another good source.
> The US air superiority has completely done them, it'd seem.
They're managing to successfully counterattack with strikes in every country in the region, while the bulk of their central leadership has been KIA. They still control the Strait of Hormuz and very intense naval, land, and air operations will be required to dislodge them.
If this war was started with the goal of the complete destruction of Iran, ground troops will have to go in (President Trump et. al. is already in the media telegraphing the requirement). Iran is a mountain fortress, and the home team (pop. 91 million) holds advantage. This has the potential to become and long and bloody war.
I think people in the US are seriously discounting this. The only thing that Iranian forces have to do is keep lobbing drones. You don't need leadership, heavy industry, or even a lot of drones as long as you keep lobbing them.
It takes very little for them to keep disrupting things which affect the global economy.
Even if leadership changes at the top and isn't killed, why would independent cells of fighters stop?
I think there's a huge possibility that Iran can keep being disruptive longer than the US is willing to spend $$$$$ bombing and intercepting.
One nuance here is where that $$$$ actually goes. The US has a history of diverting a staggering amount of money to the war companies every 2 decades or so. The spend here might be the goal, not the cost.
Well, they've managed to launch and land strikes on every country in the region. "Successful counterattack" is a considerably higher bar than that, IMHO.
Russia isn't moving for obvious reasons (I don't think IRGC planners even expected them to move, Putin has made it clear a 100 times he is out of anything involving Israel). But that said Putin arguably did his job already by destroying Patriot stocks and thus putting US on a timeline in terms of protection.
With China the issue is different: They have a completely different military ecosystem so it's not like they can send them their own stuff. We already saw in Ukraine that running 2 types of equipment along each other is a pain in the ass and strains logistics. China is likely aiding them with satellite imagery instead.
I think China will sit this one out. There's nothing to gain for them with direct involvement.
Any assistance to Iran (like satellite imagery) will have limited effect, and the Chinese know it. In my opinion, there's no way the Islamic Republic survives this. For any rational international actor, there's no sense in becoming involved in a lost fight.
> In my opinion, there's no way the Islamic Republic survives this.
But what if the Islamic Republic isn't a material thing, it isn't a government apparatus, it is actually the ideas and culture of a population under siege? 50-60 million Persians, and another 30-40 million muslims of other ethnicities. They have been embargoed for decades, the message that the US and Israel are evil has seeped into every corner of society there. It will not be so simple to erase that programming and you can expect a large portion of the population to resist to the bitter end. It's been over 20 years of planning to bring the USA to this point, 20 years because it was never a sure bet, and even today it's still not clear who wins. No, I think 4 days in it's too early to call winners and losers.
> Was pretty useful back when I was in India since Jio randomly blocked websites
With Jio, you don't really need ECH at all. The blocks are mostly rudimentary and bypassed with encrypted DNS (DoH / DoT / DNSCrypt) and Firefox (which fragments the TLS ClientHello packets into two).
Should've added this was back in like 2018 or so. Setting up DoH was harder than enabling SNI, and from my testing back then they were hard filtering on SNI (e.g. I used OpenSSL CLI to set the SNI to `pornhub.com` and connect to "known good" IPs, it'd still get reset).
Funnily enough, not setting the SNI and connecting the the origin IP, and then requesting the page worked fine.
> Funnily enough, not setting the SNI and connecting the the origin IP, and then requesting the page worked fine.
Such tricks, called "domain fronting" are why ECH exists. The problem is that although domain fronting is effective for the client it's a significant headache for the provider. Big providers involved, such as Cloudflare have always insisted that they want to provide this sort of censorship resisting capability but they don't want to authorize domain fronting because it's a headache for them technically.
Let me explain the headache with an example. Say I'm Grand Corp, a French company with 25 million web sites including both cats-are-great.example and fuck-trump.example. Users discover that although the US government has used Emergency Powers to prohibit access to fuck-trump.example, using domain fronting they can connect to cats-are-great.example and request fuck-trump.example pages anyway and the US government's blocking rules can't stop them.
What they don't know is that I, Grand Corp had been sharding sites 25 ways, so there was only 1-in-25 chance that this worked - it so happened cats-are-great and fuck-trump were in the same shard, On Thursday during routine software upgrade we happen to switch to 32-way sharding and suddenly it stops working - users are outraged, are the French surrendering to Donald Trump?
Or, maybe as a fallback mechanism the other 31 servers can loop back around to fetch your fuck-trump.example pages from the server where they live, but in doing so they double the effective system load. So now my operational costs at Grand Corp for fuck-trump.example doubled because clients were fronting. Ouch.
Yes, you've basically got it, the customers for fuck-trump.example just write your chosen value in OuterSNI and fuck-trump.example in the InnerSNI, which is encrypted and you do the (very cheap on modern hardware) decryption and route fuck-trump.example. In practice it might work (but isn't guaranteed to) to write something else in OuterSNI like whitehouse.gov rather than the value chosen by the operator.
It's apparent from other responses that most people didn't understand that we're not talking about a weird new feature which might work if people implement it. This is the published document explaining how it works, but the reality is that it's widely deployed today. This is already how it's working today, if you tell people first they raise all sorts of objections and insist it's unworkable, so, we didn't tell them first we just did it. Here's a relevant quote:
"Dan, I'm not a Republic serial villain. Do you seriously think I'd explain my master-stroke if there remained the slightest chance of you affecting its outcome? I did it thirty-five minutes ago" -- Watchmen, by Alan Moore.
That's true, usually with domain fronting you provide the (wrong) SNI. But the same strategy is happening here, you were supposed to provide SNI and you didn't to avoid some potential censorship but it's a headache for the provider
They won't have received a certificate for the IP as a name, it's relatively unusual to have those, the main users are things like DoH and DoT servers since their clients may not know the name of the server... historically if you connect to a TLS server without SNI it just picks a name and presents a certificate for that name - if there's a single name for the machine that definitely works, and if not well - domain fronting.
TLS 1.3 even specifies that you must always do SNI and shouldn't expect such tricks to work, because it's such a headache.
Place a giant video ad in tourist places in London to sell adblock?
And how much "surveillance" does a VPN prevent anyway? This is a regulatory & legislative problem and I don't see how any public VPN is part of the solution.
> And how much "surveillance" does a VPN prevent anyway?
Changing your acc number every other month and paying anonymously is much easier on Mullvad than on the ISP level. You can also get multiple people on the number very easily. And Mullvad is likely an entity outside of your home country, hence more difficult to coerce than your ISP.
In my eyes ISPs are compromised by default so the aim is to guard against them, if Mullvad is also as compromised it's more difficult for them to track me across account numbers and, even if they do, my data is then in another country, which worries me less than it being local since I'm not important enough to warrant international action.
> And Mullvad is likely an entity outside of your home country, hence more difficult to coerce than your ISP
This is not true in the EU or for the signatories of the Lugano Convention (the EU, Switzerland, Iceland, and Norway). Mullvad is very explicit that they'll abide by all EU laws. For instance, see the e-Evidence Regulation specifically written for "network-based services" like "proxy services": https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A...
> Mullvad is also as compromised it's more difficult for them to track me across account numbers
That's your assumption, not an assertion Mullvad makes?
> even if they do, my data is then in another country, which worries me less than it being local
There exists international treaties on intel sharing (including for "cyber") at every level: The UN, The European Council, the EU, the NATO states, and so on.
> I'm not important enough to warrant international action
Your government can demand action of other governments and businesses via various treaties it may have in place. Mullvad, since it says it'll abide by all EU / Swedish laws, is not a hurdle for your local LEA you think it might be.
> is not a hurdle for your local LEA you think it might be
Everything is possible, of course, but in no world is it <= difficult to get information out of an entity outside your borders. A police officer can go to my local ISP's office and ask to see my logs. If he gets lucky, he gets them, otherwise his escalation path is smaller. If he wants to do that to Mullvad he has to start some process that goes through multiple people and takes a lot more time. Additionally, by the time he reaches Mullvad he probably has my ISP logs.
> That's your assumption, not an assertion Mullvad makes?
IDK what they have to say about it, but the ISP has a hardware line to my home, my name on a contract and recurring card payments. Mullvad has some money with no clear source and an ID with 3-4 people on it that jump ID every other month. I can't change my ISP every other month so one has a single big ass log for my home in a folder with my name on it and my payments while the other has multiple logs they have to bring together and no name on the payments.
They can absolutely parse things and follow me across IDs to put me in a big log and maybe do some data magic to tie it to my person but:
1- It's extra work for them to get to the ISP starting point
2- That starting point is actually still worse since possible mistakes in that process can be argued in court.
Valid concerns. I must point out though, that if we are worried about hardware backdoors, then Zhengzhou, "the iPhone City", is also in China, even if Apple is in the US.
When it comes to telecom products I'm less worried, though not entirely content, with products that are developed in the West and manufactured in China, than products developed by the Chinese.
Badly? You seem a little obsessed. The few anti-regime Iranians (who live in Iran) I know do not want to get bombed into freedom & democracy. The Western hubris despite Iraq and Afghanistan is back in full force, I see.
If you personally know Iranians (Persian, Azeri, Armenian, Kurds, Assyrian, Arab, Baloch, Tajik, Afghan etc) living in Iran or if you have connection with the land, that's fine. Otherwise, I find this kind of "obsession" a bit disturbing to the point of justifying actions of unhinged leaders in a very avoidable, unpopular, & potentially devastating war: https://en.wikipedia.org/wiki/White_savior
reply