> This doesn't work as well with the 'recognize package size' method because you need to download the entire package before you know the size. Given the need for Ack in TCP, an MitM can't just buffer data until they have the entire package size.
All they have to do is corrupt the final packet and the package checksum fails. An attacker only needs to buffer a single packet worth of data.
All they have to do is corrupt the final packet and the package checksum fails. An attacker only needs to buffer a single packet worth of data.