
> It's my understanding that random padding doesn't in fact make the attacker's job "much more" difficult. Only a little more, or not at all?

The BREACH attack verbiage at http://breachattack.com spells it out fairly clearly: by adding random bytes to all of the HTTP responses, it makes small compressed HTTP payloads impossible to determine whether guessed bytes were correct or not (well, depending of course on the size variable of the random bytes added).

> Could you comment on how integrated the TLS stack is with the webserver?

The TLS layer is entirely separate from the webserver layer. I built the epoll, TLS, SSH, webserver and client as "IO layers", such that they can be stacked together arbitrarily (imagine epoll/IPv4 listener -> TLS -> SSH -> TLS -> Webserver, perfectly doable, albeit a little nutty).



> it makes small compressed HTTP payloads impossible to determine whether guessed bytes were correct or not (well, depending of course on the size variable of the random bytes added).

Hm, ok. At least you didn't "just add some random padding" :-)

Thanks for the comment on structure. Might be nice to try and make ssl/tls terminating proxy as a separate binary I guess.

As for the code, for someone new to fasm it wasn't immediately obvious that to build one had to assemble then link (fasm -m $((bignumber))[1] project.asm project.o && ld -o project project.o # optionally strip project). Might want to put that in a Readme/makefile/build.sh. I found the general recipe in the hello-example - but a short readme in the various project folders and/or top level wouldn't hurt.

[1] ed: from https://2ton.com.au/HeavyThing/#echoserver

fasm -m 262144 echo.asm && ld -o echo echo.o


> I built the epoll, TLS, SSH, webserver and client as "IO layers"

I think you should just finish the job and implement the entire OS in assembly. ;-)

I'm kidding. To me, assembly programming has always seemed like a true art form. You're forced to think about everything, and if you can successfully fit all the pieces together properly, it's beautiful. Also, not many can hack it through assembly, so there's a huge selection bias too.


Why can you not simply repeat the request a bunch of times and take the minimum length / 10th percentile / maximum / something along those lines?

It increases the number of requests required, yes, but I don't see why it makes it impossible.
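A simulation of the question above, added here as an illustration and not code from the thread or from the project discussed. It assumes each response gets an independent, uniformly random pad of 0..max_pad bytes and that the exact response length is observable; the function names and the padding ranges are hypothetical.

```python
import math
import random

def p_min_reveals(max_pad: int, n: int) -> float:
    """Probability that at least one of n responses drew zero padding,
    i.e. that min(observed lengths) equals the unpadded length."""
    return 1.0 - (max_pad / (max_pad + 1)) ** n

def samples_needed(max_pad: int, confidence: float) -> int:
    """Smallest n with p_min_reveals(max_pad, n) >= confidence."""
    if max_pad == 0:
        return 1  # no padding: a single observation is exact
    ratio = max_pad / (max_pad + 1)
    return math.ceil(math.log(1.0 - confidence) / math.log(ratio))

def observed_min(true_len: int, max_pad: int, n: int, rng: random.Random) -> int:
    """Minimum of n response lengths, each padded with uniform 0..max_pad bytes."""
    return min(true_len + rng.randint(0, max_pad) for _ in range(n))

def recovery_rate(true_len: int, max_pad: int, n: int,
                  trials: int, rng: random.Random) -> float:
    """Fraction of trials in which the minimum over n samples is the true length."""
    hits = sum(observed_min(true_len, max_pad, n, rng) == true_len
               for _ in range(trials))
    return hits / trials

if __name__ == "__main__":
    rng = random.Random(2015)  # fixed seed so the run is repeatable
    true_len = 1342            # constructed compressed-body length
    for max_pad in (0, 15, 255, 4095):  # constructed padding ranges
        n = samples_needed(max_pad, 0.99)
        rate = recovery_rate(true_len, max_pad, n, 500, rng)
        print(f"pad 0..{max_pad:<5} repeats for 99%: {n:<6} "
              f"simulated recovery: {rate:.3f}")
```

Under these assumptions the cost of defeating the padding grows roughly linearly with the padding range (about 72 repeats per guess for 0..15 bytes at 99% confidence), so the range chosen decides how much the request count is multiplied rather than whether the length signal exists.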



