hi @cjd I was watching the PKT project and wondering how useful it would be for bypassing the deep packet inspection censorship that Russian gov started rolling out recently?
This suggests that cjdns and Wireguard handshake are completely opaque binary traffic:
https://crypto.pkt.cash/updates/cjdns-version-22-with-wireguard-based-encryption-pt-1/
No plaintext strings is important advantage as DPI specifically uses TLS SNI for target domain detection and blocking. How about entry points, directory servers and other potentially blockable resources?
@kravietz
This is quite tricky because "completely opaque binary traffic" is actually a liability, I mean if you're a dictator you're not going to say "I don't know what this is so I'd better let it pass", you're going to say "I don't know what this is so I'm going to block it"
So anti-DPI gets really complicated. One thing that PKT has going for it is bandwidth-hard proof of work, which creates monetary incentive to move data around the internet. This at least changes the dynamic a bit.
@kravietz
So you start blocking PacketCrypt data flows and it's just like before, except instead of a bunch of volunteers trying to write obfuscators (e.g. obsf-proxy), you have professional crypto miners with a commercial interest in figuring out how to get around that block.
Maybe they obfuscate, maybe they bounce, maybe they pay a tip to their friend at the telco to "mess up" the firewall config. Point is that when finance gets involved there is actually a possibility to make things happen.
