Russian state regulator Roskomnadzor has launched another large-scale offensive against the popular messenger Telegram, tightening the noose around the digital freedom of users in the country. Although the platform is not officially banned on paper, the authorities have switched to a tactic of deliberate and brutal traffic slowdown. This time, however, the blow is aimed right at the heart of privacy protection tools, targeting specialized proxy servers that have so far helped millions of people stay online without censorship.
Built-in proxy server support has always been Telegram's main secret weapon for overcoming any digital barriers. The application uses its own encrypted technology, known as the MTProto protocol, whose main task is to disguise data exchange as quite ordinary and legitimate web surfing. Thanks to this, until recently, Russian technical threat filtering systems (TPFS) were completely blind to this traffic, as their Deep Packet Inspection (DPI) algorithms only caught standard HTTPS connections and left Telegram to work undisturbed.
However, in the spring of this year, censorship moved to a new, more aggressive level, after Roskomnadzor implemented modernized software in its filtering systems. The new algorithms were able to catch specific differences in the way the application and web browsers establish their encrypted connections, which led to massive failures in the work of proxies. Pavel Durov's team reacted swiftly with an April update for all operating systems, which literally copied the behavior of web browsers and temporarily neutralized the threat.
Alas, the cat-and-mouse game in the Russian Internet continues in full force, as at the end of May the regulator launched even more sophisticated methods of digital blockade. Now Russian systems analyze not just the connection itself, but the deep protocols and signatures that unambiguously distinguish MTProto from a traditional browser. The big problem is that this time the situation cannot be covered up with cosmetic changes to the settings, but will require Telegram programmers to fundamentally rewrite and change the structure of their protocol from scratch.
At the moment, repressive measures are not yet operating continuously across the entire country, but are carried out in periodic waves, affecting different Russian regions in a staggered manner. This shows that the authorities are currently testing the combat readiness of their new cyberweapons before a possible complete blackout. However, for users, the bitter taste remains that the windows for free communication on the network are closing one after another under pressure from the state machine.