DPI technology for blocking Telegram: will it work and how to bypass it

2024 Author: Malcolm Clapton | [email protected]. Last modified: 2023-12-17 03:44

Let's figure out how this method of denying access differs from the usual ones and what the likelihood is that it will be implemented to combat a persistent messenger.

In 2018, Roskomnadzor actively blocked Telegram and various sites, but its methods only interfered with the work of other services. The popular messenger is now available on its own, and forbidden sites can be accessed through a proxy. Of course, Roskomnadzor is not happy with this.

Recently, a rumor appeared on the Web that Roskomnadzor will introduce a new Telegram blocking technology for 20 billion rubles that the state plans to spend 20 billion rubles on a new blocking system using DPI. The head of Roskomnadzor, Alexander Zharov, officially denied this information Zharov: Roskomnadzor did not spend 20 billion rubles on the development of Telegram blocking systems, but said that the department was improving its systems. So, perhaps, it is still planned to use DPI. And it's better to prepare for this and find out in advance how to bypass the block.

What is DPI and how does this technology work

When we surf the web or communicate in instant messengers, computers exchange data blocks with each other, that is, packets. Previously, control technologies only checked the headers and senders of packets and, based on this, blocked information arrays transmitted by Telegram or prohibited sites. But such a measure of influence could be easily circumvented by replacing the sender data with the help of a proxy.

The name of DPI technology stands for Deep Packet Inspection, that is, "deep packet inspection". It checks not only the headers and sender, but also the contents of the arrays and, based on this, determines which application or site is their source.

To make it clearer, let's give an analogy. Let's imagine that the blocker is a customs officer who checks the parcels. Previously, he only looked at their senders, so if Telegram sent its "package", that is, a data packet, through a proxy, the customs blocker let it through.

If the border control officer works using DPI technology, he will not only check the name of the addressee, but also open the parcel and understand from the contents that it comes from a prohibited source.

The analogy is not entirely accurate, since even with DPI technology, the ad blocker will not be able to view the actual messages you send. That is, the data remains confidential, but their "packaging" clearly indicates a prohibited site or application, which allows you to block the package.

What is the problem with DPI implementation?

In theory, the method works flawlessly, but in practice there are no ideal technologies. DPI hardware is difficult to set up and very expensive.

Even if there is money and specialists, the technology itself can fail. Different applications and sites pack data packets very similarly, so there is a risk that instead of Telegram, some authorized messenger, VKontakte or banking service will be blocked. And if packets are protected by encryption, then it is more difficult to recognize their contents, and the likelihood of error is even higher.

This means that an unsuccessful attempt to use DPI can paralyze almost the entire Russian Internet - and in this case, the technology will definitely be turned off. But there is a chance that everything will work out fine - especially since there are already successful examples.

Where DPI is currently applied

In the world, DPI is used not for blocking, but for advertising purposes. The technology analyzes all packets of users, and then embeds ads into them based on people's behavior on the Web. This kind of marketing is very popular in the US and Europe, although it comes at a cost to providers.

In Russia, DPI is actively used by cellular operators. With this technology, they:

• limit the connection speed after the user has spent all their monthly Internet traffic;
• regulate the speed of torrents, Skype and other services or block them when accessing via a mobile device;
• they notice when the Internet is not used on the phone, but is distributed to the computer.

But DPI is most widely used in China. Here, the network was spent on this technology through the DPI scope: the anatomy of the Chinese Internet is about a billion dollars and it almost ideally closes sites that the government considers dangerous from Chinese citizens. But we should not be afraid of such an option - apparently, we are not yet ready to invest so much money into the DPI application mechanism.

How to bypass DPI

In Russia, this technology is unlikely to work perfectly, so there is a chance that Telegram itself will take measures to bypass the blocking, for example, it will additionally encrypt packets. Former director of special areas of Telegram Anton Rosenberg noted Roskomnadzor will introduce a new technology for blocking Telegram for 20 billion rubles, which DPI is unlikely to help in blocking access - the messenger will mask its packages and change protective methods much faster than Roskomnadzor can respond to them.

If the system does start to work or is already working with your provider to block the site, then you can try to bypass the ban using special programs. One of them is GoodbyeDPI. It operates through the command line, so you need to carefully read the instructions - it will not be difficult to figure it out.