2) Every other TCP/UDP flow is checked for conformance with plain-text protocols (like HTTP), or far worse, simply for the level of entropy in the data.
3) A threat of legal action is made against anyone caught using secure crypto.
Good luck beating that. The key here is that the "entropy detector" doesn't "really" need to work. It only needs to work well enough to scare people into submission.