
Russia tries more precise technology to block Telegram messenger - Mereruka
https://www.reuters.com/article/us-russia-telegram/russia-tries-more-precise-technology-to-block-telegram-messenger-idUSKCN1LF1ZZ
======
codedokode
Telegram invented a smart thing to evade blocking. They made a proxy server
and allowed the person hosting it to add a promo link for every user
connecting through this server. This way Telegram channel owners are motivated
to host such proxy servers and distribute their addresses so that their
channel gets promoted for users of this server (and they get more readers and
more profit).

So even if hosting providers like Amazon or Google will refuse to work with
Telegram (because they don't want to get blocked in Russia for this), it will
be difficult to find and ban all people hosting proxy servers.

Sadly, these proxy servers can be used only for connecting to Telegram.

~~~
splatzone
Do you have a link for more information about their proxy server? I've
struggled to find anything. Thanks!

~~~
codedokode
I forgot to mention, Telegram also uses its own URL scheme to pass proxy
settings so you can send the link to friends or publish it online and they
will only have to click it to start using proxy. No need to dig through the
settings and type in complicated IP addresses.

The link looks like tg://proxy?arguments

Proxy uses MTProto, the same protocol that client uses to talk to the server.
It is described here:
[https://core.telegram.org/mtproto](https://core.telegram.org/mtproto) The
client connects to the proxy as if it were a server, and proxy just relays
encrypted packets to the real server. Also, the client may wrap packets with
an obfuscation layer (described below) to prevent signature detection. In
exchange, the server tells the client to display a channel of the proxy owner
in the contact list while proxy is being used.

Proxy source on Github (with Docker image link):
[https://github.com/TelegramMessenger/MTProxy](https://github.com/TelegramMessenger/MTProxy)

Bing-translated Russian article about this proxy:
[https://www.microsofttranslator.com/bv.aspx?from=&to=en&a=ht...](https://www.microsofttranslator.com/bv.aspx?from=&to=en&a=https%3A%2F%2Fhabr.com%2FPOST%2F412759%2F)

Bing-translated review of methods Telegram uses to bypass filtering by an
independent researcher:
[https://www.microsofttranslator.com/bv.aspx?from=&to=en&a=ht...](https://www.microsofttranslator.com/bv.aspx?from=&to=en&a=https%3A%2F%2Ftelegra.ph%2FTelegram-
Blocks-WTF-05-26)

And a little more on obfuscation: [https://blog.susanka.eu/how-telegram-
obfuscates-its-mtproto-...](https://blog.susanka.eu/how-telegram-obfuscates-
its-mtproto-traffic/)

This article mentions that Telegram uses modified version of obfuscated2
protocol. To detect it the DPI just needs to decode all packets using AES but
that would require a lot of CPU power which ISPs currently don't have.
Initially all encrypted packets had fixed length so some ISPs started
filtering packets by length (of course accidentally filtering non-Telegram
packets too but who cares), and Telegram added random padding to prevent this.

------
hal9000xp
In 2014-2015, I've spent great amount of energy to get out of Russia. Since I
left Russia in 2015, the situation with internet freedom became much worse.
Especially this year when Russia blocked millions and millions of IP-addresses
in unsuccessful attempts to block Telegram.

My prediction for near future is that Russia become as restrictive as China or
even worse.

I don't think VPN is viable long-term solution. Look, where are VPN servers
might be hosted? Amazon or Digital Ocean? Well, this year Russia just showed
that they can block 20 million IP-addresses on a whim.

And I see no signs of massive public demand for free internet. Why? Because if
it's popular site in Russia, then it might be unblocked in the case of
accidental blocking. If it's just random site in English, it will never be
unblocked. And vast majority of Russians don't speak or read English at all.

In other words, Russia has absolutely no future as a country with free
internet. RIP.

My advice to fellow Russians with brains: get out of Russia, run away as fast
as possible from this goddamn place.

~~~
konart
> get out of Russia, run away as fast as possible from this goddamn place.

Not always on option. It's easy to leave when you have no family to take care
of or parents, or other relatives with needs etc.

------
aaomidi
This just further shows the need for encrypted SNI fields for TLS 1.3.

We need to hide services properly and make the cost of blocking a single
service very expensive.

~~~
amaccuish
Telegram doesn't use TLS.

~~~
aaomidi
They would if it provided more censorship avoidance.

------
mbowcutt
Might be a stupid question, but why is it always Telegram that gets talked
about? Are other secure communications services like Signal, Keybase, etc
already blocked?

~~~
codedokode
Signal or Keybase are not blocked in Russia. I suppose that is because they
don't have many users like Telegram. WhatsApp is known to comply with Russian
legislation (and ironically several of its addresses were accidentally blocked
while trying to disrupt Telegram service).

~~~
jes
Can you and would you say more about how WhatsApp accommodates Russian
legislation?

~~~
codedokode
I rechecked information and probably I was wrong. In Russia there is an
official registry of companies and websites which are "distributors of
information" and WhatsApp is not there. The companies in the registry are
required by law to retain information about users at least for 6 months and
provide it to authorities in some cases. Telegram is added to the registry.

In case anyone is curious to see what sites are interesting to the
authorities, here is a copy of the registry in Russian [1] and a machine-
translated version [2].

The first ones added to the registry in 2014 were a dating website (mamba),
Russian social network VK, email services (Yandex and Mail.ru) and IT news
websites Habrahabr and Roem. Probably developers and sysadmins are considered
dangerous people so they need supervision.

Also there is a website snap.com operated by Snap Inc.

[1]
[https://reestr.rublacklist.net/distributors/](https://reestr.rublacklist.net/distributors/)

[2]
[https://translate.google.com/translate?sl=ru&tl=en&js=y&prev...](https://translate.google.com/translate?sl=ru&tl=en&js=y&prev=_t&hl=ru&ie=UTF-8&u=https%3A%2F%2Freestr.rublacklist.net%2Fdistributors%2F&edit-
text=&act=url)

------
cameldrv
If I were in Russia, I wouldn't count on Telegram to keep my communications
secure. Too many aspects of the story don't make sense. There are only so many
proxies Telegram has, and Russia can just block them all, like China has.
That, plus some big questions about Durov and Telegram itself make me question
whether Telegram is just the Russian security services pumping an app that
people think is secure from them and that they'll speak freely on.

------
charlesdm
Didn't know you could do deep packet inspection on encrypted traffic?

Anyone who can shed some light on how they might be doing this? I'm curious.

~~~
partyfaker
Telegram uses it's own custom MTProto protocol. Although the traffic is
encrypted, it is identifiable as Telegram traffic (fixed structure,
identifiable prefix for packets).

There's an outcry for them to use TLS but I didn't see that they said anything
about that.

Here's a nice article for more info: [https://blog.susanka.eu/how-telegram-
obfuscates-its-mtproto-...](https://blog.susanka.eu/how-telegram-obfuscates-
its-mtproto-traffic/)

~~~
aaomidi
It's not like TLS would've fixed this. Iran is blocking Telegram very easily.

If they also used anything with TLS 1.3 or HTTPS with TLS 1.2, the plaintext
SNI would've been enough to detect Telegram.

~~~
lucb1e
Wait, didn't TLS 1.3 have encrypted SNI? I haven't yet read up on the details
but iirc that was one of the major new things.

~~~
kardos
Unfortunately no, but there is an RFC [1] in the works for the more distant
future

[1] [https://tools.ietf.org/html/draft-rescorla-tls-
esni-00](https://tools.ietf.org/html/draft-rescorla-tls-esni-00)

------
sdf43543t345
Technology companies that make DPI technology for censorship should DIAF. If
you work at one, you are actively making the world a shittier place. That is
all.

~~~
giancarlostoro
Eh DPI? DIAF? Not familiar with what these mean. DPI = Dots Per Inch
usually...

~~~
comex
DPI = Deep Packet Inspection (it's in the article)

DIAF = die in a fire

------
azangru
I am Russian, and I do not use Telegram, I and do not really know the
technology that it relies on, so my opinion is probably worthless, but I can't
get rid of the feeling that if Telegram just left the scene quietly and
peacefully when the Russian authorities announced the ban, things would have
been much simpler and yes, better. The authorities would have pretended that
their mission had been accomplished. People who still really needed Telegram
could continue to use it with the help of proxies or vpns. And the mayhem that
occurred when the Russian internet watchdog started blocking millions of IPs
would never have happened.

Instead we had this ridiculous escalation causing the disruption of the normal
internet communications for a while, and promising even more sinister problems
in the future.

And Gitbooks still don't work properly here :-(

~~~
anonymfus
That is some Stockholm syndrome thinking.

I am Russian and I like this escalation because it makes more people to hate
Putin making overthrow of his regime more likely.

~~~
pixelperfect
> I am Russian and I like this escalation because it makes more people to hate
> Putin making overthrow of his regime more likely.

Is there any chance of that happening? I am not Russian but my impression is
that a large majority of Russians favor Putin and it's hard to imagine how he
could be overthrown.

~~~
azangru
> I am not Russian but my impression is that a large majority of Russians
> favor Putin and it's hard to imagine how he could be overthrown.

A massive peaceful protest that the leader is powerless to suppress and that
forces him to step down is just one (and very happy) scenario of overthrowing
a leader. This indeed is not very likely to happen.

There always remains a military coup, however, which does not require a
support of the population.

But overthrowing a government is a scary business. Who is going to come in
their stead? Will their be a power struggle? Will it turn violent? Will their
be a civil war (a very real prospect in a country such as Russia, where the
provinces have historically been exploited by the metropolis and strongly
despise it). I am astonished people here talk so lightly of overthrowing
Putin, as if he is the only villain and the only obstacle to the better
future, and once he is removed from the scene everything is hunky-dory.

