AG 1, AG 2, AG 3, INET, AG 4, AG 5, D6, SWS, RG1, MMCI   Info

AG Audience

English

30 Minutes

Iran leverages ISP level and national firewalls to restrict access to the internet. This results in a cat-and-mouse game between censorship and censorship-circumvention tools. In this presentation, I would like to go over the key contributions I've made to these circumvention tools. In 2021, widely used internet censorship circumvention tools written for Android based on V2Ray and Xray Core (a highly popular censorship-circumvention tool and fork of V2Ray) stopped working; meanwhile, the desktop versions continued to function. Following this, I observed their traffic characteristics and found out that Golang's mobile TLS fingerprint was blocked by some ISPs. To combat this, I've contributed to Xray Core by integrating the uTLS library into gRPC, WebSocket, and H2 transport methods; the uTLS library provides fingerprint mimicking of popular browsers for TLS connections and thus allows users to bypass restrictions.

In addition to these improvements, a new method has recently emerged: using reverse UDP and TCP connections to bypass restrictions like IP and protocol blocking. Consequently, I've developed a tool based on this method that encapsulates its traffic in protocols such as gRPC and WebSocket. I combined these apps with TCP and UDP hole punching to allow home users to bypass blockages. Writing a UDP hole punching tool also enables home users from non-restricted countries to donate internet to people in restricted countries. These tools have allowed users to continue accessing the open internet, even in heavily restricted environments.

Ina Geisler

+49 681 9325 1802

--email hidden

Zoom

passcode not visible

logged in users only