I was trying to find a certain github page, it was like a forum entirely within github issues, or something like that, people were posting bypasses--solutions to that problem(for the technically-minded). Now I can't find it.
You need to look into NNCP (nncpgo.org, clone the source ASAP), Nostr, FIDO, and offline first solutions.
The key is to avoid protocols that are too “chatty”. You need simple request/response, with no timeout, where the response could be huge files you have requested. Then you can pass request/response over USB/MicroSD sneakernet or short lived VPN connection (before it can be detected and blocked).
Nostr is useful because identity is a key, so you can publish anonymously but people who like your content can verify that a piece of content comes from you. Also, if data can be brought across the border, it is very easy to republish it. If the situation degrades to where you are relying on sneakernet, bringing a week’s worth of Nostr events across the border and distributing it to others may be effective at keeping a small, slow lifeline open.
I fear we will see the same thing soon in the West especially if this war expands. Good luck and godspeed.
Edit: steganography would also be useful, if any sites that allow UGC are whitelisted.
Hey, I'm from Russia, been living with a VPN for a couple of years now — need it for work and just in general: YouTube, various services, you name it.
I live in a small town, and so far none of the major blocks people talk about in Moscow, St. Petersburg, and border regions are really felt here. I keep up with the news and it's clear the situation in big cities is noticeably worse.
If you're seriously thinking about this — moving to a small town out in the provinces might actually be a surprisingly workable option, at least as a temporary fix. The infrastructure is different there, and the "targeted" blocks tend to arrive late, if at all. Not a permanent solution obviously, but you do buy yourself real time.
Nothing surprising here, nationalism requires isolating the people from external sources of information in order for its debilitating propaganda to succeed.
Small correction: authoritarianism requires using hypernationalism / ultranationalism to isolate people from external sources of information, in order for propaganda and censorship to be effective.
Which is indeed the motive behind so-called "splinternet" efforts, such as this.
Have you heard of Mesh Networking between devices?
If enough people in dense urban areas ran something like meshtastic or a similar protocol, you could theoretically pass traffic peer to peer without touching ISP infrastructure at all. range is limited but in a city like Moscow where apartments are packed close together it's at least worth thinking about.
Since it's a website white list, maybe VLESS with SNI masking to a whitelisted website abroad would work? But you have to buy a VPS and run the xray server yourself.
- roskomnadzor just not being competent enough to implement the block fully
- they'll reserse the block, since it will likely completely cripple everything that relies on the internet (which is basically everything nowadays)
- they won't go through with the ban completely, since if they do, their job is sort of done, and they want to continue to exist to make money off of the digital infrastructure required to implement the block, and they'll just continue playing this game of cat and mouse
- outside internet connectivity will likely remain to some degree, it'll just be very slow and probably expensive, but i really struggle to see a country like Russia being completely cut off from the internet in the year of our lord 2026
i could be wrong, who knows, after all this whole situation is unprecedented, and human ingenuity sort of always finds a way
and in a somewhat positive note, mobile internet has come back today and the blocks are bypassable with a regular vpn now, even ones that aren't being hosted on whitelisted subnets
1. Thanks to the sanctions, it is virtually impossible for RF citizens to purchase anything abroad with Russian credit cards.
2. VPN was design not to obfuscate but to encrypt - that is, the protocol doesn't conceal the fact that VPN channel is being used, you just cannot peek into the content in this channel. Which means that more and more sophisticated tools are being used to block VPN communications.
vpn protocols we use here nowadays are way more advanced than this, they mimic a TLS handshake with a legitimate (non blocked site, like google.com) and looks essentially like regular https traffic to that site
it looks like they are basically impossible to detect, given the failure to block them, outside of timing attacks (seeing if a request crosses Russia's border and comes back quickly after), however that is fully mitigated by just having having the vpn "disconnect" and route traffic directly to Russian unblocked sites, which would otherwise be able to perform such a timing attack detection
pretty interesting stuff, there are several versions of this system, and even the ones that have existed for a while work pretty well
Super interesting stuff, but won't this require multiple (possible untrustworthy / adversarial parties) to abide by your protocol? Like if you don't control all the nodes in the VPN then why can't the Kremlin just enforce a blacklist at said bad node?
you do/can control all the VPN nodes in this setup (most often just a single one) since your traffic doesn't actually go through the website you're masking under
and the nature of the protocol makes it extremely difficult to detect and thus get server IP banned, i got one server banned, but after that i implemented some practices (including directly connecting to websites that are inside Russia) and it's been working fine since then
https://github.com/danoctavian/awesome-anti-censorship
I was trying to find a certain github page, it was like a forum entirely within github issues, or something like that, people were posting bypasses--solutions to that problem(for the technically-minded). Now I can't find it.
You need to look into NNCP (nncpgo.org, clone the source ASAP), Nostr, FIDO, and offline first solutions.
The key is to avoid protocols that are too “chatty”. You need simple request/response, with no timeout, where the response could be huge files you have requested. Then you can pass request/response over USB/MicroSD sneakernet or short lived VPN connection (before it can be detected and blocked).
Nostr is useful because identity is a key, so you can publish anonymously but people who like your content can verify that a piece of content comes from you. Also, if data can be brought across the border, it is very easy to republish it. If the situation degrades to where you are relying on sneakernet, bringing a week’s worth of Nostr events across the border and distributing it to others may be effective at keeping a small, slow lifeline open.
I fear we will see the same thing soon in the West especially if this war expands. Good luck and godspeed.
Edit: steganography would also be useful, if any sites that allow UGC are whitelisted.
Hey, I'm from Russia, been living with a VPN for a couple of years now — need it for work and just in general: YouTube, various services, you name it.
I live in a small town, and so far none of the major blocks people talk about in Moscow, St. Petersburg, and border regions are really felt here. I keep up with the news and it's clear the situation in big cities is noticeably worse.
If you're seriously thinking about this — moving to a small town out in the provinces might actually be a surprisingly workable option, at least as a temporary fix. The infrastructure is different there, and the "targeted" blocks tend to arrive late, if at all. Not a permanent solution obviously, but you do buy yourself real time.
Do you want a technical solution for a governmental problem?
It's not going to work.
you need secure channels of communication (and preferably a connection to the outside world) to solve any problem
No. You need people not being sheep to fight a police state.
Russians are sheep. Russia has become a police state.
Have you yourself fought anyone?
Besides arguing on the internet with strangers
Only online trolls with my NAFO brethren.
The front line is everywhere, as you know. You are fighting an information war and some of us are here to troll you back.
Nothing surprising here, nationalism requires isolating the people from external sources of information in order for its debilitating propaganda to succeed.
Small correction: authoritarianism requires using hypernationalism / ultranationalism to isolate people from external sources of information, in order for propaganda and censorship to be effective.
Which is indeed the motive behind so-called "splinternet" efforts, such as this.
Have you heard of Mesh Networking between devices?
If enough people in dense urban areas ran something like meshtastic or a similar protocol, you could theoretically pass traffic peer to peer without touching ISP infrastructure at all. range is limited but in a city like Moscow where apartments are packed close together it's at least worth thinking about.
Since it's a website white list, maybe VLESS with SNI masking to a whitelisted website abroad would work? But you have to buy a VPS and run the xray server yourself.
perhaps, there's still hope i think:
- roskomnadzor just not being competent enough to implement the block fully
- they'll reserse the block, since it will likely completely cripple everything that relies on the internet (which is basically everything nowadays)
- they won't go through with the ban completely, since if they do, their job is sort of done, and they want to continue to exist to make money off of the digital infrastructure required to implement the block, and they'll just continue playing this game of cat and mouse
- outside internet connectivity will likely remain to some degree, it'll just be very slow and probably expensive, but i really struggle to see a country like Russia being completely cut off from the internet in the year of our lord 2026
i could be wrong, who knows, after all this whole situation is unprecedented, and human ingenuity sort of always finds a way
and in a somewhat positive note, mobile internet has come back today and the blocks are bypassable with a regular vpn now, even ones that aren't being hosted on whitelisted subnets
Арендуй VPS сервер в другой стране и подними на нем VPN сервер личный и тебя никто не заблокирует.
This will not work for two reasons:
1. Thanks to the sanctions, it is virtually impossible for RF citizens to purchase anything abroad with Russian credit cards.
2. VPN was design not to obfuscate but to encrypt - that is, the protocol doesn't conceal the fact that VPN channel is being used, you just cannot peek into the content in this channel. Which means that more and more sophisticated tools are being used to block VPN communications.
vpn protocols we use here nowadays are way more advanced than this, they mimic a TLS handshake with a legitimate (non blocked site, like google.com) and looks essentially like regular https traffic to that site
it looks like they are basically impossible to detect, given the failure to block them, outside of timing attacks (seeing if a request crosses Russia's border and comes back quickly after), however that is fully mitigated by just having having the vpn "disconnect" and route traffic directly to Russian unblocked sites, which would otherwise be able to perform such a timing attack detection
pretty interesting stuff, there are several versions of this system, and even the ones that have existed for a while work pretty well
Super interesting stuff, but won't this require multiple (possible untrustworthy / adversarial parties) to abide by your protocol? Like if you don't control all the nodes in the VPN then why can't the Kremlin just enforce a blacklist at said bad node?
you do/can control all the VPN nodes in this setup (most often just a single one) since your traffic doesn't actually go through the website you're masking under
and the nature of the protocol makes it extremely difficult to detect and thus get server IP banned, i got one server banned, but after that i implemented some practices (including directly connecting to websites that are inside Russia) and it's been working fine since then
> Rent a VPS in another country and set up your own personal VPN server on it, and no one will be able to block you.
(machine translation)
How would this ever work with a whitelist? did you even read the post?
read the post please, the precise problem is that this may soon not work