Telegram-bot author @rknshowtime Alek Rudenko
suggested how Rostelecom blocks the MTProto proxy, a popular
proxy for Telegram , which was introduced two weeks ago. Recall that in this technical implementation, the client and server do not have a phase of open communication. For all sorts of filters and analyzers, the exchange of data with the MTProto-proxy server looks like an unstructured binary bi-directional data flow between the client and the server. This makes it difficult to recognize the protocol for blocking.
But Rostelecom found a way out of the situation.
To understand this, a St. Petersburg developer Leonid Evdokimov (
darkk ) wrote a pseudo-proxy
poormansmtproto and tested the DPI of the trunk provider.
An experiment on the Rostelecom network in the Krasnodar Territory
showed that Rostelecom is blocking the MTProto-proxy protocol based on the size of client packets.
The experiment revealed the following:
1. If the contents of the packets are replaced with a random set of bytes of the same size, the connection is still broken.
2. If you accidentally change the size of the packets, the connection stops breaking.
3. If the server does not send responses at all, the connection is still broken.
The blocking specialist Philip Kulin (Phillip) and the owner of DiPHOST hosting company
commented on the situation: “I want to note that restricting access to resources based on traffic analysis is illegal. The streamlined wording of repressive Russian legislation in the area of restricting access to information still creates a certain framework for the grounds for blocking and methods of blocking. There is nothing like carpet blocking or packet analysis. This is strictly illegal. ”
Warning from the site administration: When commenting on this material, please follow the rules. Please refrain from insults and toxic behavior. Postmoderation works in the comments.