Re: WireGuard with obfuscation support

2021-09-27 Thread StarBrilliant
On Mon, Sep 27, 2021, at 15:59, Nico Schottelius wrote:
>
> StarBrilliant writes:
>
> > On Mon, Sep 27, 2021, at 10:21, Bruno Wolff III wrote:
> >> If your ISP is blocking your Wireguard traffic call them up and complain.
> >
> > All ISPs in China are blocking Wireguard traffic. If you call any o

Re: WireGuard with obfuscation support

2021-09-27 Thread Jason A. Donenfeld
Hey Evgeny, There are some neat aspects of the approach here. Encrypting using the pubkey has the nice effect of making packets look like noise while also being sufficiently peer-linked that it might not be super feasible to detect (though still possible I suppose). I don't think we'd merge somet

Re: WireGuard with obfuscation support

2021-09-27 Thread Nico Schottelius
StarBrilliant writes:
> On Mon, Sep 27, 2021, at 10:21, Bruno Wolff III wrote:
>> If your ISP is blocking your Wireguard traffic call them up and complain.
>
> All ISPs in China are blocking Wireguard traffic. If you call any of
> them up, you will end up in jail. There was a case where one user

Re: WireGuard with obfuscation support

2021-09-27 Thread StarBrilliant
On Mon, Sep 27, 2021, at 10:21, Bruno Wolff III wrote:
> If your ISP is blocking your Wireguard traffic call them up and complain.
All ISPs in China are blocking Wireguard traffic. If you call any of them up, you will end up in jail. There was a case where one user sued their ISP for blocking Goo

Re: WireGuard with obfuscation support

2021-09-27 Thread Lonnie Abelbeck
> On Sep 27, 2021, at 8:01 AM, Konstantin Ryabitsev wrote:
>
> On Mon, Sep 27, 2021 at 05:21:57AM -0500, Bruno Wolff III wrote:
>>> With obfuscation there would be UDP packets of random junk, and it would be a
>>> much harder job to come up with a rule to drop those without affecting >

Re: WireGuard with obfuscation support

2021-09-27 Thread Konstantin Ryabitsev
On Mon, Sep 27, 2021 at 05:21:57AM -0500, Bruno Wolff III wrote:
> > With obfuscation there would be UDP packets of random junk, and it would be a
> > much harder job to come up with a rule to drop those without affecting
> > anything else.
>
> If your ISP is blocking your Wireguard traffic c

Re: WireGuard with obfuscation support

2021-09-27 Thread Bruno Wolff III
On Mon, Sep 27, 2021 at 14:36:28 +0500, Roman Mamedov wrote: On Mon, 27 Sep 2021 04:14:35 -0500 Bruno Wolff III wrote: This isn't a simple problem. The assumption is that someone is seeing your network traffic and blocking it. The assumption is that there's an appliance at the ISP which ha

Re: WireGuard with obfuscation support

2021-09-27 Thread Roman Mamedov
On Mon, 27 Sep 2021 04:14:35 -0500 Bruno Wolff III wrote:
> This isn't a simple problem. The assumption is that someone is seeing
> your network traffic and blocking it.
The assumption is that there's an appliance at the ISP which has a DROP rule for UDP with 4 fixed bytes at a fixed offset. It

Re: WireGuard with obfuscation support

2021-09-27 Thread Bruno Wolff III
On Mon, Sep 27, 2021 at 12:34:39 +0500, Roman Mamedov wrote: On Mon, 27 Sep 2021 02:11:30 -0500 Don't over-estimate the resources available to DPIs, if there aren't easy ways to block, it might be almost as good as unblockable. And it is far from all cases that hiding traffic would result in

Re: WireGuard with obfuscation support

2021-09-27 Thread Fredrik Strömberg
Hi everyone,
On Mon, Sep 27, 2021 at 9:55 AM Nico Schottelius wrote:
> Bruno Wolff III writes:
> > On Mon, Sep 27, 2021 at 09:53:08 +0900,
> > Nico Schottelius wrote:
> >
> > The problem is mostly orthogonal to Wireguard. There isn't going to be
> > a one size fits all solution for hiding traf

Re: WireGuard with obfuscation support

2021-09-27 Thread Nico Schottelius
Bruno, thanks for raising 2 very important points:
Bruno Wolff III writes:
> On Mon, Sep 27, 2021 at 09:53:08 +0900,
> Nico Schottelius wrote:
>>
>>I'd appreciate if wireguard upstream would take this in, maybe even
>>supporting multiple / dynamic listen ports.
>
> The problem is mostly ort

Re: WireGuard with obfuscation support

2021-09-27 Thread Roman Mamedov
On Mon, 27 Sep 2021 02:11:30 -0500 Bruno Wolff III wrote:
> On Mon, Sep 27, 2021 at 09:53:08 +0900,
> Nico Schottelius wrote:
> >
> >I'd appreciate if wireguard upstream would take this in, maybe even
> >supporting multiple / dynamic listen ports.
>
> The problem is mostly orthogonal to Wireg

Re: WireGuard with obfuscation support

2021-09-27 Thread Bruno Wolff III
On Mon, Sep 27, 2021 at 09:53:08 +0900, Nico Schottelius wrote: I'd appreciate if wireguard upstream would take this in, maybe even supporting multiple / dynamic listen ports. The problem is mostly orthogonal to Wireguard. There isn't going to be a one size fits all solution for hiding traf

Re: WireGuard with obfuscation support

2021-09-26 Thread Nico Schottelius
Hey,
el3xyz writes:
> [...]
> To make detection more difficult two things are being done
> * handshake initiation, response and cookie messages are padded with random
> sized garbage
> * Up to 192 bytes of each message is encrypted with obfuscation key derived
> from peer public key (differen

WireGuard with obfuscation support

2021-09-26 Thread el3xyz
Hey all, I guess this topic is, at the very least, not new, but there is still no solution. In the country where I live internet censorship increases year after year and more network operators start blocking WG. With that being done I'm stuck to ShadowSocks which is slower and less secure on de