net4people / bbs

Forum for discussing Internet censorship circumvention

Watch out for hidden, large-scale "downgrade attacks" in SNI-whitelisted areas #254

Open RPRX opened 1 year ago

RPRX commented 1 year ago

Original post: https://t.me/projectXtls/91

Watch out for hidden, large-scale "downgrade attacks" in SNI-whitelisted areas

Based on long-term observation and on feedback from several group members located in SNI-whitelisted areas, IPv4 TCP in these areas does not block fully randomized bare protocols such as SS and VMess. This is in stark contrast to the blocking policies of other regions and is a highly anomalous phenomenon.

We know that, as a way of blocking circumvention traffic, an SNI whitelist causes very high collateral damage; we also know that the GFW in other regions is easily identifying and blocking fully randomized bare protocols. So think about it: why would some regions not care about collateral damage and apply a filtering policy as strong as an SNI whitelist to TLS, yet "completely ignore" fully randomized bare protocols?

There is only one possibility: a loophole left on purpose; there is no other reasonable explanation. We know that, compared with TLS, fully randomized bare protocols are the equivalent of writing "circumvention" on your face, which makes them easier to identify and keep track of. Moreover, they generally lack advanced security features such as TLS's "forward secrecy". They are very primitive: obtain the password by some means and you can decrypt all past and future traffic, which is very convenient for surveillance. So I believe this combination of an SNI whitelist plus not blocking fully randomized bare protocols is in essence forcing people to migrate from the relatively secure TLS protocol to the less secure fully randomized bare protocols: a hidden, large-scale "downgrade attack".

This highly anomalous phenomenon in SNI-whitelisted areas also indirectly confirms that the risks of fully randomized bare protocols I have warned about on several occasions are real; even the GFW explicitly wants you to use fully randomized bare protocols rather than TLS. For now, these areas can still use REALITY directly, and it resolves the much-criticized CA risk of TLS. Alternatively, configure REALITY over SS: https://github.com/XTLS/Xray-core/discussions/1811#discussioncomment-5355075
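The forward-secrecy point made above ("obtain the password by some means and you can decrypt all past and future traffic"), as an added Python illustration that is not part of the post and not code from Xray or Shadowsocks. It contrasts a session keyed only by a long-term password with one that also mixes in ephemeral Diffie-Hellman secrets; the stream cipher, the DH group and the password are constructed toy values, not anything from a real protocol.

```python
"""Why a password-only bare protocol has no forward secrecy.

Added illustration for this thread (not code from the post, Xray or
Shadowsocks). Scenario: an observer records sessions now and obtains
the long-term password later, by whatever means. With a password-only
protocol every recorded session decrypts. With a protocol that also
mixes in ephemeral Diffie-Hellman secrets that both sides discard (the
TLS 1.3 pattern), the same observer with the same password cannot.
The cipher and group are toy-sized and constructed; never reuse them.
"""
import hashlib
import hmac
import secrets
from typing import Optional


def kdf(*parts: bytes) -> bytes:
    """Derive a 32-byte key from length-prefixed inputs with SHA-256."""
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with an HMAC-SHA256 counter keystream."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


# --- 1. Password-only protocol (the "fully randomized bare protocol" pattern) ---

def psk_session(password: bytes, plaintext: bytes) -> dict:
    """One session: a fresh salt goes on the wire, key = KDF(password, salt)."""
    salt = secrets.token_bytes(16)
    key = kdf(b"psk", password, salt)
    return {"salt": salt, "ct": stream_xor(key, salt, plaintext)}


def psk_observer_decrypt(password: bytes, capture: dict) -> bytes:
    """Observer who recorded the session and later obtained the password."""
    key = kdf(b"psk", password, capture["salt"])
    return stream_xor(key, capture["salt"], capture["ct"])


# --- 2. Password plus ephemeral Diffie-Hellman (forward-secret pattern) ---

def is_probable_prime(n: int, rounds: int = 16) -> bool:
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def make_safe_prime(bits: int) -> int:
    """Random safe prime p = 2q + 1, so generator 4 has prime order q."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1


P = make_safe_prime(128)   # toy group built at import; real code uses X25519
G = 4


def _i2b(x: int) -> bytes:
    return x.to_bytes((P.bit_length() + 7) // 8, "big")


def dh_session(password: bytes, plaintext: bytes) -> dict:
    """Both sides pick ephemeral exponents, exchange G^a and G^b, derive
    key = KDF(password, shared secret, transcript), then forget a and b."""
    a = secrets.randbelow(P - 2) + 1
    b = secrets.randbelow(P - 2) + 1
    big_a, big_b = pow(G, a, P), pow(G, b, P)
    shared = pow(big_b, a, P)               # equals pow(big_a, b, P)
    key = kdf(b"dh", password, _i2b(shared), _i2b(big_a), _i2b(big_b))
    nonce = kdf(b"nonce", _i2b(big_a), _i2b(big_b))[:16]
    del a, b, shared                        # ephemeral secrets are discarded
    return {"A": big_a, "B": big_b, "ct": stream_xor(key, nonce, plaintext)}


def dh_observer_decrypt(password: bytes, capture: dict, effort: int = 1 << 16) -> Optional[bytes]:
    """Same observer, same password, but only G^a, G^b and ciphertext were
    on the wire. Recovering the key needs the discarded exponent: a bounded
    brute force over exponents fails, since a random 128-bit exponent is
    below 2**16 only with negligible probability. Returns None on failure."""
    nonce = kdf(b"nonce", _i2b(capture["A"]), _i2b(capture["B"]))[:16]
    x = 1
    for guess in range(1, effort):
        x = x * G % P
        if x == capture["A"]:
            shared = pow(capture["B"], guess, P)
            key = kdf(b"dh", password, _i2b(shared), _i2b(capture["A"]), _i2b(capture["B"]))
            return stream_xor(key, nonce, capture["ct"])
    return None
```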

wkrp commented 1 year ago

Archive of Telegram post

beavailable commented 1 year ago

I think your conclusion

There is only one possibility: a loophole left on purpose; there is no other reasonable explanation. We know that, compared with TLS, fully randomized bare protocols are the equivalent of writing "circumvention" on your face, which makes them easier to identify and keep track of. Moreover, they generally lack advanced security features such as TLS's "forward secrecy". They are very primitive: obtain the password by some means and you can decrypt all past and future traffic, which is very convenient for surveillance. So I believe this combination of an SNI whitelist plus not blocking fully randomized bare protocols is in essence forcing people to migrate from the relatively secure TLS protocol to the less secure fully randomized bare protocols: a hidden, large-scale "downgrade attack".

is not particularly meaningful.

Inconsistency 1: the GFW has to handle nationwide traffic; implementing an SNI whitelist in only a few cities and forcing people onto random-bytes bare protocols is not of much use. Inconsistency 2: monitoring traffic may be one use of the GFW, but I believe the GFW's main purpose is still to block access, not to monitor.

But the phenomenon you observed is indeed very anomalous. My guess is that implementing an SNI whitelist in a few cities can indeed force people to use random-bytes bare protocols, but that may only be a means, not the end. What is the censors' purpose in forcing people to use random-bytes bare protocols? I think it lets them collect more, and more accurate, information about circumvention traffic, which may help the censors develop more precise blocking techniques that can then be applied nationwide.

RPRX commented 1 year ago

@beavailable It looks like you have some stereotypes about the GFW. I know quite a few people do, so let me take this opportunity to correct them and explain.

Inconsistency 1: the GFW has to handle nationwide traffic; implementing an SNI whitelist in only a few cities and forcing people onto random-bytes bare protocols is not of much use.

The GFW is not unified nationwide; it is distributed across regions, similar to edge computing. Different regions and different carriers have different policies, and of course pilots are run frequently.

Inconsistency 2: monitoring traffic may be one use of the GFW, but I believe the GFW's main purpose is still to block access, not to monitor.

The term GFW is just a vague catch-all for the censors; the actual functions and situation are very complex. We once received a message from an "insider" at a certain vendor saying they had developed monitoring capabilities. The objective fact is that China cannot afford the cost of completely blocking "circumvention" traffic, so it has to settle for monitoring as second best: https://github.com/XTLS/Xray-core/discussions/1811#discussioncomment-5997939

But the phenomenon you observed is indeed very anomalous. My guess is that implementing an SNI whitelist in a few cities can indeed force people to use random-bytes bare protocols, but that may only be a means, not the end. What is the censors' purpose in forcing people to use random-bytes bare protocols? I think it lets them collect more, and more accurate, information about circumvention traffic, which may help the censors develop more precise blocking techniques that can then be applied nationwide.

This argument does not hold, because the GFW has long had the ability to block fully randomized bare protocols precisely: https://gfw.report/publications/usenixsecurity23/zh/

RPRX commented 1 year ago

While I'm at it, a comment on that paper: it documents the fact that the GFW is already precisely blocking fully randomized bare protocols, but as for probing the GFW's cost-saving rules and reinventing SSR, I think that path is quite unnecessary; I said so three years ago: https://github.com/v2ray/v2ray-core/issues/2523#issuecomment-636548331 (the content is collapsed and must be expanded manually). What the paper does not state explicitly is that the path of fully randomized bare protocols really has come to an end. There was a great deal of attack-and-defense research around such protocols, and there was controversy over "whether having no fingerprint is itself the biggest fingerprint", but now the GFW has simply decided that you are circumventing. Piggybacking on a common protocol like TLS genuinely raises the cost of blocking. In recent months Iran has been trying to block all circumvention: it interferes with UDP, and on TCP it leaves only common protocols like TLS, and even then under an SNI whitelist, so only protocols like REALITY remain usable. Finally, I think the paper should not have accepted funding from the US government; it hands the "foreign forces" narrative a pretext, and besides, this research could have been done even without the funding.

beavailable commented 1 year ago

The GFW is not unified nationwide; it is distributed across regions, similar to edge computing. Different regions and different carriers have different policies, and of course pilots are run frequently.

I know that, but it does not explain the inconsistency: implementing monitoring in only a handful of cities is not of much use.

The term GFW is just a vague catch-all for the censors; the actual functions and situation are very complex. We once received a message from an "insider" at a certain vendor saying they had developed monitoring capabilities. The objective fact is that China cannot afford the cost of completely blocking "circumvention" traffic, so it has to settle for monitoring as second best: XTLS/Xray-core#1811 (reply in thread)

I still think the GFW's main function is blocking, and monitoring is only secondary. The GFW was built in the first place to stop Chinese people from accessing certain foreign information (which threatens the authoritarian regime); if it cannot stop people from accessing the international Internet, then monitoring is not very meaningful. As for the "objective fact" you mention, it isn't even an accepted conclusion, let alone a fact. If you said China cannot afford the cost of blocking all foreign traffic, I could believe that. As for completely blocking circumvention traffic: if it were technically feasible and cheap enough, it would have been blocked long ago and there would be no cost to it; don't forget a whitelist could be used as well. Besides, blocking has costs, but does monitoring have none? I think monitoring the circumvention traffic of an entire city, let alone an entire country, is even less realistic than blocking it.

This argument does not hold, because the GFW has long had the ability to block fully randomized bare protocols precisely: https://gfw.report/publications/usenixsecurity23/zh/

I have read that paper. From it one can only conclude that the GFW is able to precisely block existing fully randomized bare protocols, not that it is able to block arbitrary fully randomized bare protocols. And since you have read it too, you should know that the end of the paper explains that effective circumvention strategies can be implemented, right? Finally, I believe you should also know that today's GFW is also using techniques such as machine learning, so I think my guess is entirely reasonable.

beavailable commented 1 year ago

While I'm at it, a comment on that paper: it documents the fact that the GFW is already precisely blocking fully randomized bare protocols, but as for probing the GFW's cost-saving rules and reinventing SSR, I think that path is quite unnecessary; I said so three years ago: v2ray/v2ray-core#2523 (comment) (the content is collapsed and must be expanded manually). What the paper does not state explicitly is that the path of fully randomized bare protocols really has come to an end. There was a great deal of attack-and-defense research around such protocols, and there was controversy over "whether having no fingerprint is itself the biggest fingerprint", but now the GFW has simply decided that you are circumventing. Piggybacking on a common protocol like TLS genuinely raises the cost of blocking. In recent months Iran has been trying to block all circumvention: it interferes with UDP, and on TCP it leaves only common protocols like TLS, and even then under an SNI whitelist, so only protocols like REALITY remain usable. Finally, I think the paper should not have accepted funding from the US government; it hands the "foreign forces" narrative a pretext, and besides, this research could have been done even without the funding.

My comment in passing: I don't think whether there is a pretext matters at all any more. So what if there is none? The term "foreign forces" has been used for many years all the same and will continue to be.

RPRX commented 1 year ago

I know that, but it does not explain the inconsistency: implementing monitoring in only a handful of cities is not of much use.

Regarding this combination of an SNI whitelist plus not blocking fully randomized bare protocols: if only you understood what the word "pilot" I just used means. Let me put it plainly: initially this thing existed only in Quanzhou, later Fuzhou had it too. It is being tested on a small scale, further rollout cannot be ruled out, and one day it will reach your home.

Moreover, it is not a matter of "implementing monitoring in only a handful of cities": in fact you have long been monitored (but protocols like SS are more convenient for monitoring). See the next paragraph:

I still think the GFW's main function is blocking, and monitoring is only secondary. The GFW was built in the first place to stop Chinese people from accessing certain foreign information (which threatens the authoritarian regime); if it cannot stop people from accessing the international Internet, then monitoring is not very meaningful. As for the "objective fact" you mention, it isn't even an accepted conclusion, let alone a fact. If you said China cannot afford the cost of blocking all foreign traffic, I could believe that. As for completely blocking circumvention traffic: if it were technically feasible and cheap enough, it would have been blocked long ago and there would be no cost to it; don't forget a whitelist could be used as well. Besides, blocking has costs, but does monitoring have none? I think monitoring the circumvention traffic of an entire city, let alone an entire country, is even less realistic than blocking it.

That is one of the GFW's functions, but it only wants to stop the general public from reaching this information and communicating in real time, raising the bar for circumvention so that only some people can do it, not sealing it off completely. What you don't know is that the GFW has long known you are circumventing; it just didn't block you before. Tag you with a 情商 (EQ) score, match the times and lengths of your Telegram messages, and follow the cable to pick the person up. That is the message we got from the "insider" two or three years ago. If you do business, research, write code, no problem; if you want to go onto certain "big" sites, that's dangerous. That is what monitoring means. I also often say that precisely blocking the vast majority of circumvention traffic really is not hard, and the cost is not high, but some people never believe it. Do I have to write a pile of Trojan-killers before you believe it?

I have read that paper. From it one can only conclude that the GFW is able to precisely block existing fully randomized bare protocols, not that it is able to block arbitrary fully randomized bare protocols.

Fully randomized bare protocols are called that precisely because they look like fully randomized bare protocols: the appearance is the same, and any protocol that looks like this will be blocked.

And since you have read it too, you should know that the end of the paper explains that effective circumvention strategies can be implemented, right?

Those "circumvention strategies" are basically ~giving SSR a good name~ reinventing SSR. History long ago proved that this too is a dead end; in fact, historically SSR was blocked even more steadily, accurately and ruthlessly than SS.

Finally, I believe you should also know that today's GFW is also using techniques such as machine learning, so I think my guess is entirely reasonable.

The biggest contradiction in your guess is this: for the fully randomized bare protocols that the SNI-whitelisted areas want you to use, they don't block you even without any "circumvention strategy" applied; yet for these protocols the cost-saving rules can already block very precisely, so greatly raising costs by adding deep learning in pursuit of "more precise blocking" makes almost no practical sense. So that cannot be the purpose.

RPRX commented 1 year ago

My comment in passing: I don't think whether there is a pretext matters at all any more. So what if there is none? The term "foreign forces" has been used for many years all the same and will continue to be.

We all know domestic propaganda works like that, but I think there is still a difference between an unsupported claim and hard evidence. At the very least I don't want to become a walking 500,000; after all, if there is none, there is none. I think researchers from China should all avoid this situation and not let them put a big hat on our heads saying we are funded by foreign forces.

beavailable commented 1 year ago

Regarding this combination of an SNI whitelist plus not blocking fully randomized bare protocols: if only you understood what the word "pilot" I just used means. Let me put it plainly: initially this thing existed only in Quanzhou, later Fuzhou had it too. It is being tested on a small scale, further rollout cannot be ruled out, and one day it will reach your home.

I think this is unrealistic:

  • Fully randomized bare protocols are merely easy to identify, but all of today's protocols use advanced encryption algorithms; I do not think the GFW is capable of decrypting them
  • If you think the GFW achieves decryption through vulnerabilities, I don't think that would stay effective for long; after all, circumvention software keeps evolving too
  • Most of the traffic carried by today's circumvention software is TLS traffic; after decryption there is not much useful information beyond the domain names visited. Do you really think the censors would go to the trouble of rolling out such a policy nationwide just to learn which website domains people visit?
  • Even ignoring how long a vulnerability stays effective, we could develop private (closed-source, self-use only) circumvention protocols; wouldn't that be both secure and stable?
  • I think the censors would surely consider these issues; they would not do this

I also often say that precisely blocking the vast majority of circumvention traffic really is not hard, and the cost is not high, but some people never believe it. Do I have to write a pile of Trojan-killers before you believe it?

I remember that during the big blocking wave last October, normal websites were blocked by mistake, and that was without circumvention traffic being completely blocked. If it isn't hard, how do you explain such mis-blocking? I have seen the Trojan-killer you wrote, but you should know it is not impossible to evade.

Those "circumvention strategies" are basically ~giving SSR a good name~ reinventing SSR. History long ago proved that this too is a dead end; in fact, historically SSR was blocked even more steadily, accurately and ruthlessly than SS.

According to the paper you cited earlier, these circumvention strategies are still effective now, so how is it a dead end? The contest between censors and the censored is inherently back and forth; you can't declare something a dead end just because it was blocked before. Don't overestimate the GFW's Wafangdian technology.

The biggest contradiction in your guess is this: for the fully randomized bare protocols that the SNI-whitelisted areas want you to use, they don't block you even without any "circumvention strategy" applied; yet for these protocols the cost-saving rules can already block very precisely, so greatly raising costs by adding deep learning in pursuit of "more precise blocking" makes almost no practical sense. So that cannot be the purpose.

From what I understand, in recent years many people in China have been using machine learning, deep learning and other techniques to identify SS and other circumvention protocols. If those cost-saving rules could really block precisely, what would be the point of that research? And as you said, the GFW is very complex, and the network traffic of a country as populous as China is also very diverse; I don't think anyone can arbitrarily claim "precise blocking".

That is one of the GFW's functions, but it only wants to stop the general public from reaching this information and communicating in real time, raising the bar for circumvention so that only some people can do it, not sealing it off completely. What you don't know is that the GFW has long known you are circumventing; it just didn't block you before. Tag you with a 情商 (EQ) score, match the times and lengths of your Telegram messages, and follow the cable to pick the person up. That is the message we got from the "insider" two or three years ago. If you do business, research, write code, no problem; if you want to go onto certain "big" sites, that's dangerous. That is what monitoring means.

I think the reason it is not sealed off completely is simple: the censors cannot achieve precise blocking and don't want to mis-block too much normal traffic. If the "insider" message you mention is the whistleblower issue posted earlier in this repo, I have read it too. I believe the GFW has monitoring capabilities; I said so in my reply above, but that is not the GFW's main purpose.

I think you, like most Chinese people, always believe the current authoritarian regime is still serving the people, that even the GFW was introduced only to block so-called "harmful information" without wanting to affect people's business, research and coding. I no longer want to rebut this view, because I know no amount of evidence will change your Ah Q mentality.

Incidentally, my view: the sole goal of an authoritarian regime is to maintain its rule and then use its power for profit; if the rulers were truly good to the people, they would not be authoritarian.

RPRX commented 1 year ago

@beavailable Actually I neither wish to, nor have much time to, debate anything with you; I just speak according to my research, information and understanding. On the technical part, your claims contain some misconceptions, which come from your research of the technology being neither broad nor deep enough, but replying point by point and explaining it clearly to you is very time-consuming, and I am not here to teach. On the "insider" part, I already said that was private information we obtained two or three years ago, while the information you saw was posted publicly here at the end of last year; the timing doesn't even match, so why do you think it is the same? In fact some early developers who took part in that paper also know about this private information and can all confirm it; it's just that two or three years ago we didn't tell the public that much, because it might have cut off the source. Now you know; if you are unwilling to believe it, that's your problem. I still hold a lot of information that is not yet suitable for publication, unless you think you have more inside information than we do. Basically, I think discussion is fine, but I don't much like this: someone who has not proven to be technically stronger than me excessively questioning me on the technical part, and someone who has not proven to have more information than me excessively questioning me on the information part. To me that is being unreasonable.

beavailable commented 1 year ago

You are not explaining to me, you are explaining to everyone. If you think you can publish opinions as you please without argument, how is that different from spreading rumors? I don't remember the timing of that issue clearly; that is my mistake, I admit it. You only said there was a message from an "insider" without saying what the message was; how do you expect others to believe you? If you think it is not suitable to disclose the information now, why mention the "insider" at all? Can't you wait until you can make it public? You can't expect people to believe you just because you say someone gave you information, without saying what that information is. How is that different from the rulers fabricating "foreign forces"?

I question the reasonableness and feasibility of your conclusion; neither technically nor logically have you given a reasonable explanation, and instead you condescendingly accuse others of being unreasonable. I can't be bothered to argue with you any more; let time prove everything.

RPRX commented 1 year ago

I'm speechless. What the message was? Didn't I already put it in bold?

What you don't know is that the GFW has long known you are circumventing; it just didn't block you before. Tag you with a 情商 (EQ) score, match the times and lengths of your Telegram messages, and follow the cable to pick the person up.

beavailable commented 1 year ago

What you don't know is that the GFW has long known you are circumventing; it just didn't block you before. Tag you with a 情商 (EQ) score, match the times and lengths of your Telegram messages, and follow the cable to pick the person up.

What message is this, a new rumor you made up? Where is the source? Where is the evidence?

We all know the GFW is very complex, and with the 1/4 strategy mentioned in the paper above, plus the need to keep the false-positive rate under control, it is perfectly normal for a few to slip through the net. That does not show the GFW deliberately lets them through (apart from the SNI-whitelisted areas under discussion).

RPRX commented 1 year ago

What you don't know is that the GFW has long known you are circumventing; it just didn't block you before. Tag you with a 情商 (EQ) score, match the times and lengths of your Telegram messages, and follow the cable to pick the person up.

What message is this, a new rumor you made up? Where is the source? Where is the evidence?

I already posted this message above. You did not rebut it at the time, you even said you had read it, and now it's a "new rumor"? Isn't that just being unreasonable? The source: do you think I should name it? I said some early developers also know about it and can all confirm it; do you think someone spreading rumors would dare say that?

Two years ago I released part of what the same "insider" gave us: https://github.com/XTLS/Xray-core/discussions/593#discussioncomment-845165 already mentions 情商 (EQ), so you can see we knew at the time. At the end of last year someone confirmed it experimentally: https://github.com/XTLS/Xray-core/discussions/1295#discussioncomment-4113080 and https://github.com/net4people/bbs/issues/129#issuecomment-1308102504, from which you can see this "insider" was telling the truth.

A well-known anti-censorship community tells you we have inside information and you call it rumor-mongering; you are the first ever to do so.

beavailable commented 1 year ago

I went through your reply again. On this point:

What you don't know is that the GFW has long known you are circumventing; it just didn't block you before. Tag you with a 情商 (EQ) score, match the times and lengths of your Telegram messages, and follow the cable to pick the person up.

you are right; I didn't read it carefully before. My mistake.

Now, I agree with your view that the GFW is loosening blocking and strengthening its monitoring capabilities. But I still think the so-called "downgrade attack" is neither reasonable nor feasible, for the reasons I gave above.

The most basic problem is: to monitor circumvention traffic, the GFW must be able to decrypt at least most circumvention traffic. The question is, can it? Even if it can, after paying the enormous cost of implementing such a scheme, once circumvention software improves its protocols the GFW cannot keep the ability to decrypt forever.

RPRX commented 1 year ago

Now I agree with your view that the GFW is loosening blocking and strengthening its monitoring capability.

A correction: different regions have different strategies. Since the end of last year some monitoring techniques have been used for blocking, but now this very abnormal phenomenon has appeared in the SNI whitelist regions.

But I still think the so-called "downgrade attack" is neither reasonable nor feasible, for the reasons I gave above. The most basic problem is that to monitor circumvention traffic, the GFW must be able to decrypt at least most of it. Does it have that capability?

This is what I mean by the breadth and depth of technique. For example, earlier you said it does not block completely because the GFW cannot block precisely, but in fact a single flow of traffic returning to China is enough to match you to an individual, basically regardless of which protocol you use; you hadn't thought of that, had you? The GFW has had this capability for a long time; it used to be used for monitoring, not for blocking. I said this long ago and many people know it; you did not, which is why I say your research is insufficient, and I am not here to teach. There are actually many ways to identify circumvention, many of them unrelated to the protocol itself and effective against everything, something like a "side-channel attack", including the recently popular DNS and WebRTC leaks. That is the breadth.

On "monitoring": even without decryption, a lot can be learned from packet lengths, timing and so on. Take the first episode of Black Mirror, which I often recommend: you do bad things through multi-hop proxies, I match your traffic volume, does that work? You argue politics on tg all day long, I match the times you send messages and the packet-length changes caused by the character count, then come to your door to "deliver warmth", does that work? That is why I don't use tg publicly. Your one or two layers of encryption cannot hide macroscopic behavioral features; I take the length of the inner site's TLS handshake messages plus the timing pattern of the subsequent traffic and guess which site you are visiting, does that work? There is a lot of research on classifying "malicious encrypted traffic" without decrypting it; you can search for it. That is the depth.

If it can decrypt, it is more precise still, but it is not the cracking of AES you imagine. You still have not read my first message carefully: I said "obtain the password by some means", and there is a link at the end of the article, https://github.com/XTLS/Xray-core/discussions/1811#discussioncomment-5355075, which I guess you never clicked. You should read carefully what I posted before speaking, otherwise I really don't want to reply. If you use a domestic phone, forget about privacy; most people have an anti-fraud app scanning their phone every day, so is it not trivial for the GFW to get your password? The SNI whitelist regions clearly want you to use these primitive fully random bare protocols, and the GFW has a record of monitoring; what do you think that is?

Even if it does, after paying a huge cost to deploy such a scheme, if circumvention software improves its protocols the GFW cannot keep the ability to decrypt forever.

First, it is not cracking AES, so the cost is not huge. Second, without my warning, wouldn't everyone just have moved to fully random bare protocols? If the GFW doesn't block them, people keep using them. Right now, REALITY or REALITY over SS both avoid being decrypted, and the latter is very interesting. Forward-secret encryption for VLESS is also planned, within this year. Look: who besides me is keen on advanced security features such as forward secrecy for proxy protocols? Without me calling for and pushing this in the community, the GFW really would keep the ability to decrypt.

beavailable commented 1 year ago

But in fact a single flow of traffic returning to China is enough to match you to an individual, basically regardless of which protocol you use; you hadn't thought of that, had you?

I really hadn't noticed that before.

On "monitoring": even without decryption, a lot can be learned from packet lengths, timing and so on. Take the first episode of Black Mirror, which I often recommend: you do bad things through multi-hop proxies, I match your traffic volume, does that work? You argue politics on tg all day long, I match the times you send messages and the packet-length changes caused by the character count, then come to your door to "deliver warmth", does that work? ~That is why I don't use tg publicly.~ Your one or two layers of encryption cannot hide macroscopic behavioral features; I take the length of the inner site's TLS handshake messages plus the timing pattern of the subsequent traffic and guess which site you are visiting, does that work? There is a lot of research on classifying "malicious encrypted traffic" without decrypting it; you can search for it. That is the depth.

I already knew these.

If it can decrypt, it is more precise still, but it is not the cracking of AES you imagine. You still have not read my first message carefully: I said "obtain the password by some means", and there is a link at the end of the article, XTLS/Xray-core#1811 (comment), which I guess you never clicked. You should read carefully what I posted before speaking, otherwise I really don't want to reply. If you use a domestic phone, forget about privacy; most people have an anti-fraud app scanning their phone every day, so is it not trivial for the GFW to get your password? The SNI whitelist regions clearly want you to use these primitive fully random bare protocols, and the GFW has a record of monitoring; what do you think that is?

By your account, identification barely needs to know the protocol. As I understand it, decryption should not be a required capability, and the methods you describe should also apply to TLS-based circumvention protocols, right?

Since neither identification nor decryption depends strongly on the circumvention protocol, what is the point of this SNI whitelist as a pilot?

RPRX commented 1 year ago

By your account, identification barely needs to know the protocol.

Right.

As I understand it, decryption should not be a required capability, and the methods you describe should also apply to TLS-based circumvention protocols, right? Since neither identification nor decryption depends strongly on the circumvention protocol, what is the point of this SNI whitelist as a pilot?

Wrong. Without decryption it is only guessing. With decryption you obtain the original browsing traffic and can clearly see plaintext such as your DNS requests, the TLS SNI, and that you are on TG. The plaintext alone already leaks a lot, and analyzing the inner ciphertext becomes easier too. For example, some proxy protocols have random padding; without decryption it interferes with the censor's traffic analysis, after decryption that layer of protection is gone. For example, before I had to guess which of your connections was TG; after decryption I know for certain that this connection is TG, a precise target to analyze hard.

TLS-based circumvention protocols, including REALITY: given the client configuration, it cannot decrypt. Given the server's private key, it still cannot decrypt past traffic; it can only man-in-the-middle future traffic, and if it does not perform a real-time man-in-the-middle attack, future traffic cannot be decrypted either. So TLS is very secure.

SS, VMess and similar protocols: given the client configuration, it can directly decrypt all traffic, past and future. If your computer and phone use the same node, the computer's traffic can be decrypted too. The GFW can silently record your traffic and decrypt it when needed, and you will never know the GFW has seen everything.

Now that you know the difference between the two, you understand why the GFW wants to drive you from TLS to SS and VMess, right?

I think if you don't understand advanced security features such as "forward secrecy", no wonder you have so many questions; you should have said so earlier, that wasted a lot of my time. In fact, in the earlier "fully random bare protocols all look the same" passage I had also typed some words questioning your level, but I thought it better to keep the peace and deleted them. I don't understand why there are always some novices coming to challenge me, and these novices are always full of confidence... Don't get me wrong, I think you do have some understanding, better than a pure novice, but from my point of view the vast majority of people are novices... Probably they have some understanding, so they feel they understand enough to challenge RPRX... Hard to bear.
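The contrast RPRX draws in the comment above (a pre-shared-key protocol is decryptable from a recording once the password leaks, an ephemeral key exchange is not) put into running code. This is an example added by the editor; it is not code from this thread, from Xray, or from any Shadowsocks implementation. The first half reproduces the Shadowsocks AEAD key schedule as specified (EVP_BytesToKey over the password, HKDF-SHA1 with info "ss-subkey", aes-256-gcm, 12-byte little-endian counter nonce) for a client's first TCP chunk and shows that a recorder holding only the password and the captured bytes recovers the request. The second half runs an ephemeral X25519 exchange and shows that the captured transcript plus the server's seized long-term key does not yield the session key. The password "example-password", the request bytes, and the second half's key schedule (SHA-256 of the shared secret, a simplification of what TLS 1.3 does) are constructed assumptions.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/md5"
	"crypto/rand"
	"crypto/sha1"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// evpBytesToKey: OpenSSL-style MD5 stretch Shadowsocks uses to turn the password into the master key.
func evpBytesToKey(password string, keyLen int) []byte {
	var key, prev []byte
	for len(key) < keyLen {
		sum := md5.Sum(append(prev, password...))
		prev = sum[:]
		key = append(key, prev...)
	}
	return key[:keyLen]
}

// hkdfSHA1: RFC 5869 extract-then-expand with HMAC-SHA1, as Shadowsocks AEAD ciphers specify.
func hkdfSHA1(ikm, salt, info []byte, n int) []byte {
	ext := hmac.New(sha1.New, salt)
	ext.Write(ikm)
	prk := ext.Sum(nil)
	var out, t []byte
	for i := byte(1); len(out) < n; i++ {
		m := hmac.New(sha1.New, prk)
		m.Write(append(append(append([]byte{}, t...), info...), i))
		t = m.Sum(nil)
		out = append(out, t...)
	}
	return out[:n]
}

// ssSubkey: the per-connection key depends only on the password and a salt sent in the clear.
func ssSubkey(password string, salt []byte) []byte {
	return hkdfSHA1(evpBytesToKey(password, 32), salt, []byte("ss-subkey"), 32)
}

func newGCM(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key) // keys here are always 32 bytes
	aead, _ := cipher.NewGCM(block)
	return aead
}

// ssFirstChunk: the client's first TCP chunk, salt || AEAD(len) || AEAD(payload), nonce = LE counter.
func ssFirstChunk(password string, payload []byte) []byte {
	salt := make([]byte, 32)
	rand.Read(salt)
	aead := newGCM(ssSubkey(password, salt))
	nonce := make([]byte, 12) // 0 for the length block, then 1 for the payload
	wire := aead.Seal(append([]byte{}, salt...), nonce, binary.BigEndian.AppendUint16(nil, uint16(len(payload))), nil)
	nonce[0] = 1
	return aead.Seal(wire, nonce, payload, nil)
}

// ssDecryptCapture: the recorder's side. Stored chunk + password (from a backup, clipboard, scan...) = plaintext.
func ssDecryptCapture(password string, wire []byte) ([]byte, error) {
	if len(wire) < 50 { // 32 salt + 2 length + 16 tag
		return nil, fmt.Errorf("capture too short")
	}
	aead, nonce := newGCM(ssSubkey(password, wire[:32])), make([]byte, 12)
	if _, err := aead.Open(nil, nonce, wire[32:50], nil); err != nil {
		return nil, err // wrong password: the length block's tag does not verify
	}
	nonce[0] = 1
	return aead.Open(nil, nonce, wire[50:], nil)
}

// fsSession: one ephemeral X25519 exchange. Returns what a recorder keeps (client ephemeral public key,
// ciphertext) plus the server's long-term key as if later seized. The ephemeral private keys die here.
func fsSession(payload []byte) (clientEphPub, ct []byte, static *ecdh.PrivateKey) {
	x := ecdh.X25519()
	static, _ = x.GenerateKey(rand.Reader) // server's long-term key (assumed signing-only, as in TLS 1.3)
	cEph, _ := x.GenerateKey(rand.Reader)
	sEph, _ := x.GenerateKey(rand.Reader)
	shared, _ := cEph.ECDH(sEph.PublicKey())
	key := sha256.Sum256(shared) // simplified key schedule (assumption, not TLS's)
	return cEph.PublicKey().Bytes(), newGCM(key[:]).Seal(nil, make([]byte, 12), payload, nil), static
}

// fsAdversaryDecrypt: the only secret the recorder can combine with the transcript is ECDH(seized static,
// client ephemeral). That is not the session key, so the GCM tag check fails.
func fsAdversaryDecrypt(clientEphPub, ct []byte, static *ecdh.PrivateKey) ([]byte, error) {
	cPub, _ := ecdh.X25519().NewPublicKey(clientEphPub)
	guess, _ := static.ECDH(cPub)
	key := sha256.Sum256(guess)
	return newGCM(key[:]).Open(nil, make([]byte, 12), ct, nil)
}

func main() {
	req := []byte("\x03\x0bexample.com\x01\xbb") // constructed SS header: ATYP domain, "example.com", port 443
	pt, err := ssDecryptCapture("example-password", ssFirstChunk("example-password", req))
	_, fsErr := fsAdversaryDecrypt(fsSession([]byte("GET / HTTP/1.1\r\nHost: example.com\r\n\r\n")))
	fmt.Printf("SS capture + password -> %q (err=%v); FS capture + seized static key -> %v\n", pt, err, fsErr)
}
```

The SS decryption works no matter when the chunk was captured, and a wrong password fails at the very first tag check, which is what makes a leaked client configuration a retroactive key. Whether the recorder gets the static key before or after the session makes no difference in the second half: the value it needs was derived from ephemeral private keys that existed only for the duration of the handshake.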

beavailable commented 1 year ago

I know what forward secrecy is, I just hadn't thought it through very deeply.

Although I think your idea is a bit crazy, I have understood it, and you can stop the self-promotion.

RPRX commented 1 year ago

With all due respect, if you really knew what forward secrecy is, you would not have said this:

And the methods you describe should also apply to TLS-based circumvention protocols, right? Since neither identification nor decryption depends strongly on the circumvention protocol

And I am not boasting, I am only voicing my puzzlement, because this has happened N times this year alone. Why is it that people who do not regularly take part in anti-censorship always feel they understand more than the active members of the anti-censorship community? Not that discussion is forbidden, of course one can discuss; it is just that these people often hold an "I know better than you" attitude, which really makes one feel...

MisCusi2023 commented 1 year ago

😁 Reading this discussion taught me a lot. I really didn't expect the GFW to be so cunning.

chika0801 commented 1 year ago

Thanks for explaining this topic.

RPRX commented 1 year ago

You argue politics on tg all day long, I match the times you send messages and the packet-length changes caused by the character count, then come to your door to "deliver warmth", does that work?

Let me add something on this point: this is essentially the original content of what the "insider" said. I looked it up: MTProto 2 has 12 to 1024 bytes of padding, so "packet-length changes caused by the character count" should be a means of auxiliary confirmation supplementing "first locate by time", for instance that the length must be no less than so many bytes. On the other hand, a Chinese character takes several bytes, so although the padding looks generous at first glance its effect is actually quite limited: the longer the text you send, the easier it is to analyze. At the time we also thought of some ways to avoid such analysis; for instance TG has scheduled messages, which defeat time correlation, but not all software/websites have that feature, and the vast majority do not even have padding. So the fundamental fix is still to get the protocol right, and two years ago I left an easter egg named "noise" in an inconspicuous place: https://github.com/v2ray/v2ray-core/issues/2526#issuecomment-783919763

But I think the recent situation is rather different from two years ago. Anti-fraud is now everywhere, even built into systems, and these things scan your phone and upload from it at will in the name of anti-fraud, which passes as justified. This is probably what gave the GFW the confidence to turn some monitoring methods into blocking methods at the end of last year: after all, it already has eyes planted in your home.

The situation in the SNI whitelist regions also proves that the GFW there does not want to block circumvention completely. We all know it has the "cost-saving rules"; adding those would finish the job, yet it deliberately does not use them. It just does not want you to use TLS, it wants you to use bare SS and VMess; obviously there is some purpose in that. Of course, it cannot be ruled out that it would switch to a stricter policy in special periods.

Generally speaking, we developers avoid talking about "monitoring"; we all know and play dumb, and as long as you can get out, that is enough. Because "monitoring" most likely reports to another system, state security or the like, and if you want to work against that, there are indeed "good things" such as vanishing without a trace waiting for you. So I am just chatting; I haven't actually done anything.

soulwood commented 1 year ago

Is there a GitHub project address for SS over REALITY?

UjuiUjuMandan commented 1 year ago

Is this the latest advertisement to promote your own REALITY?

Before proxy software commonly used TLS, even when clowwindy said SSL was not suitable for circumvention, why didn't the GFW simply do nothing and just monitor?

klzgrad commented 1 year ago

The "Quanzhou whitelist" incidents at least exist, but their scope, mechanism and extent are all disputed, and some people report not observing the phenomenon at all. What the article above cites is only at the level of user feedback, with no direct data; it is an opening built on very weak evidence.

Assuming a so-called SNI-whitelist blocking policy really exists, one still cannot infer from it any connection to a downgrade attack, because some other VPN protocols that do not use domain names and have complete cryptographic stacks are also let through, and for those protocols recording and later decryption is not feasible.

Assuming a so-called SNI whitelist really exists, and assuming the decision-makers implementing it intend to monitor via a downgrade attack, this produces a contradiction between means and ends: the R&D, storage and compute operations costs of traffic recording and later decryption can only be matched by state-security-level requirements, and no decision-maker would approve infrastructure on that budget to monitor who visits which porn site. But state-security-level monitoring requirements would not tolerate the unreliability and arbitrariness of this method: the downgrade is not automatic but user-initiated, and the "downgrade" does not always land on a weakly encrypted protocol. The problem here is that guessing policy intent from a technical phenomenon confuses the threat model of this security question. If the threat is lost availability and cost from proxy servers being blocked, why are many more basic proxy schemes unaffected? If the threat model is state-actor level, this technical strategy does not help either.

The main problem with this article is not that the conjecture has holes, but that weak evidence and conjecture are broadcast in the tone of established fact, and other schemes are disparaged in the form of FUD for self-promotion. That is not the right posture for technical research.

RPRX commented 1 year ago

Is there a GitHub project address for SS over REALITY?

Not SS over REALITY but REALITY over SS. You can refer to https://github.com/XTLS/Xray-core/discussions/1811 and change Socks5 to SS. Though, one member of our group ran github.com over Socks5 for a long time without being blocked; it varies by region, I don't know whether it is blocked now.

RPRX commented 1 year ago

Is this the latest advertisement to promote your own REALITY?

REALITY is already widespread; I even think Xray has too many issues. And what is discussed here is being wary of the situation in SNI whitelist regions; how much do you think "promotion" would gain?

There is already a lot of discussion about REALITY here; the Iranians are telling you that only REALITY-type protocols are surviving well. Do I need to advertise here again?

I am warning you to be wary of this downgrade attack, and the current state is that SNI whitelist regions are on either the REALITY type or the SS type. I mention it at the end and you think that is advertising?

Before proxy software commonly used TLS, even when clowwindy said SSL was not suitable for circumvention, why didn't the GFW simply do nothing and just monitor?

First, I must make clear that my view is the exact opposite of clowwindy's. Second, cloud services were not popular in that period. Finally, whether there was monitoring then, we do not know.

RPRX commented 1 year ago

The "Quanzhou whitelist" incidents at least exist, but their scope, mechanism and extent are all disputed, and some people report not observing the phenomenon at all. What the article above cites is only at the level of user feedback, with no direct data; it is an opening built on very weak evidence.

I will only state facts:

  1. In the active Project X group of over ten thousand members we have long received reports of the Quanzhou whitelist, and nobody has reported being in Quanzhou and not whitelisted.
  2. Because I often saw people say that the SS type works in Quanzhou, and there was a discussion in the group the day before yesterday, that evening I started three polls in the channel to collect information on whether IPv4 TCP in SNI whitelist regions leaves SS unblocked, but the data were all clearly abnormal (there cannot be that many people, for example), so I then asked directly with a channel message. The results:
    • Three group members from Quanzhou said they are whitelisted but IPv4 TCP does not block the SS type
    • One group member from Fuzhou said he is whitelisted but IPv4 TCP does not block the SS type (according to our information, at least Fuzhou Telecom has a whitelist)
    • No group member from China said he is whitelisted and IPv4 TCP blocks the SS type
    • Note that I deleted the "poll" messages because of the clearly abnormal data, and the question message was replaced by the "be wary" message.
  3. As you can see, at first I only posted this "be wary" message in the channel; we can see in the backend that the channel message was forwarded many times, and still nobody reported the opposite to us.
  4. So I forwarded the message here, partly to see whether anyone would report the opposite; two days have passed and still nobody has reported the opposite to us.

Of course there is another possibility: that Quanzhou is blocked so tightly that people simply cannot get online to report, but the information we have is that the SS type and REALITY type still work in Quanzhou.

I can only investigate; I cannot go to Quanzhou to test on site, and I have no plans to buy a VPS there. If you have more information, you are welcome to share it. For instance, "some people report not observing the phenomenon at all" may well be true, and I hope you can share more details; a link would be even better. After all, the title says "SNI whitelist regions", and I said Quanzhou and Fuzhou have it, not that the whole city or every operator does.

RPRX commented 1 year ago

Assuming a so-called SNI-whitelist blocking policy really exists, one still cannot infer from it any connection to a downgrade attack, because some other VPN protocols that do not use domain names and have complete cryptographic stacks are also let through, and for those protocols recording and later decryption is not feasible.

This argument does not take reality into account. The reality is that the vast majority of users just switch back and forth between the SS type and the TLS type: when the former stops working they use the latter, when the latter stops working they try the former, as I believe you know well. Users were using TLS, then got whitelisted; very few go off to use a VPN, the vast majority find that SS works and use it. Of course, with REALITY now available some will use the REALITY type too, but REALITY only recently became popular, and ShadowTLS was not popular before that (and even if it had been, it is essentially SS). So the original expectation of the combined strategy of SNI whitelist plus not blocking fully random bare protocols was that the TLS type would slide toward the SS type, which is a downgrade attack.

You can see that I pay close attention to "IPv4 TCP", because IPv4 TCP blocking of the SS type is frequently reported in other regions, and the paper mentioned earlier documents this fact too. So it is not that the SNI whitelist regions are unable to block the SS type, and the "cost-saving rules" are not expensive; they are fully capable of blocking it and do not.

By the way, regarding "some other VPN protocols that do not use domain names and have complete cryptographic stacks are also let through", you need to add more details to support that claim.

UjuiUjuMandan commented 1 year ago

One member of our group ran github.com over Socks5 for a long time without being blocked; it varies by region, I don't know whether it is blocked now

I was using plain Socks5 until two weeks ago, and it went several months without being blocked. The reason I stopped using it is that visiting some blocked websites through it (I couldn't see any pattern) would get the connection reset directly; oddly, visiting well-known sites such as Google, Twitter and Wikipedia never got reset. By your account, the GFW can also see which websites users visit through Socks5, yet it deliberately does not block; it monitors and silently records. How terrifying.

RPRX commented 1 year ago

One member of our group ran github.com over Socks5 for a long time without being blocked; it varies by region, I don't know whether it is blocked now

I was using Socks5 before, and it went several months without being blocked. The reason I stopped using it is that visiting some blocked websites through it (I couldn't see any pattern) would get the connection reset directly; oddly, visiting well-known sites such as Google, Twitter and Wikipedia never got reset. By your account, the GFW can also see which websites users visit through Socks5, yet it deliberately does not block; it monitors and silently records. How terrifying.

First, very few people use Socks5 directly, but for now I will not doubt the truth of your account.

However, the hole in your logic is too obvious: you yourself said that visiting some blocked sites gets reset, so tell me, is the GFW identifying your traffic or not? And then "how terrifying".

Didn't you stop using it and switch to other protocols precisely because the other protocols don't have this problem?

RPRX commented 1 year ago

Assuming a so-called SNI whitelist really exists, and assuming the decision-makers implementing it intend to monitor via a downgrade attack, this produces a contradiction between means and ends: the R&D, storage and compute operations costs of traffic recording and later decryption can only be matched by state-security-level requirements, and no decision-maker would approve infrastructure on that budget to monitor who visits which porn site. But state-security-level monitoring requirements would not tolerate the unreliability and arbitrariness of this method: the downgrade is not automatic but user-initiated, and the "downgrade" does not always land on a weakly encrypted protocol. The problem here is that guessing policy intent from a technical phenomenon confuses the threat model of this security question. If the threat is lost availability and cost from proxy servers being blocked, why are many more basic proxy schemes unaffected? If the threat model is state-actor level, this technical strategy does not help either.

  1. I already said "because 'monitoring' most likely reports to another system, state security or the like". The "insider" did not say whom it reports to, though; that is my own view.
  2. Of course it is not to "monitor who visits which porn site"; far too many people visit porn sites. Earlier I mentioned a "something big something"; guess which site that is?
  3. Your statements about the "downgrade" rest on the analysis in your previous paragraph, but that analysis did not take reality into account. As for "automatic" versus "user-initiated": once you whitelist TLS, do the people who were using TLS need to find a way out or not? How they will find it, I analyzed in the previous paragraph.
  4. Since your analysis is biased, your conclusion is biased.

RPRX commented 1 year ago

The main problem with this article is not that the conjecture has holes, but that weak evidence and conjecture are broadcast in the tone of established fact, and other schemes are disparaged in the form of FUD for self-promotion. That is not the right posture for technical research.

You consider it "weak evidence"; I have added more information at https://github.com/net4people/bbs/issues/254#issuecomment-1564624798. Although it is still "at the level of user feedback", it is real feedback from multiple users, and most critically, as of now:

That counts as wide distribution, doesn't it? And these messages have been pinned for more than two days in the Project X group of 12387 members. Our group has several thousand technical discussion messages a day and is a very active exchange and information hub in this circle, yet still no Chinese person has reported being SNI whitelisted with the SS type blocked.

Likewise, this issue has been up here for more than two days and no Chinese person has reported being SNI whitelisted with the SS type blocked. This already says something.

What you call "conjecture" is my logical analysis, but I need to remind you that the article is titled "be wary", and as for the content, "a deliberately left opening" is based on the objective fact that it is fully capable of blocking the SS type and does not, while the key "downgrade attack" conclusion is prefaced with "so I think", meaning that from these circumstances I can only draw this conclusion. Anyone can see this is a deduction.

Regarding your "FUD", answer me the following questions:

  1. Two years ago I called for forward secrecy in SS, yet to this day, have SS and VMess implemented forward secrecy? You mean they don't do it and I am not even allowed to say so?
  2. Given the SS or VMess password and the traffic timing, can all traffic that used that password, before and after, be decrypted? Is that not a fact?
  3. Is it impossible to obtain the SS or VMess password from your phone through app cloud backups, input methods, the clipboard, anti-fraud scanning of circumvention software, and so on?

Protocols of this kind carry real risk; someone should have pointed it out and pushed for advanced security features such as "forward secrecy", as I have called on them to do. You consider that "FUD"?

As for whether I need to "self-promote" here, that was already answered at https://github.com/net4people/bbs/issues/254#issuecomment-1564559977. As for the "right posture for technical research", that is again a bias you derived from a bias.

But I can say clearly: you can have your view and I can have my way of doing things, and I do not feel I need to maintain what you consider the "right posture" in order to do "technical research".

RPRX commented 1 year ago

再补充一点,前文所述之“封锁”,指的是立刻封或一段时间后封,如果说你试了一下 SS 发现没被立刻封,这还不能确定是不封。

当天向我们报告的 SNI 白名单地区群友中有两位就是常用裸 SS 类,可以查看 2023 年 5 月 23 日的聊天记录,有聊到这件事。

重申一下矛盾点:你都能不在乎附带伤害,对 TLS 类上 SNI 白名单了,却不封 SS 类?你又不是没有技术,封它又不烧钱。


To add to this, the "blocking" mentioned above refers to either immediate blocking or blocking after a period of time, so if you try SS and find that it is not immediately blocked, that does not yet establish that it is not blocked.

Two of the group members in SNI whitelist areas who reported to us that day regularly use bare SS-type protocols; see the chat log from May 23, 2023, where this was discussed.

To reiterate the contradiction: you don't even care about collateral damage and put TLS-type traffic under an SNI whitelist, yet you don't block SS-type protocols? It's not as if you lack the technology, and blocking it doesn't cost much money.

wkrp commented 1 year ago

@RPRX, I must ask you to take a break and cool off, please. The informational content of your posts is being overshadowed by their defensive tone. I am willing to let you have this discussion here, but only if all participants are respectful. When you make strong claims, it is only natural that others will be skeptical and will want time to consider and debate them. If you believe in what you are saying, then you must be understanding and patient in your explanations. If there are disagreements from elsewhere, let's not bring them here. Whatever our differences, we are all working together.

I understand that you feel your thoughts have not been paid enough attention in the past, and I sympathize with that. Please take some time to think and consider your approach. We can continue, if it is in a spirit of cooperation.

chika0801 commented 1 year ago

He always has this style; I like him this way, it's the familiar him.

Lather0519 commented 1 year ago

@RPRX, I must ask you to take a break and cool off, please. The informational content of your posts is being overshadowed by their defensive tone. I am willing to let you have this discussion here, but only if all participants are respectful. When you make strong claims, it is only natural that others will be skeptical and will want time to consider and debate them. If you believe in what you are saying, then you must be understanding and patient in your explanations. If there are disagreements from elsewhere, let's not bring them here. Whatever our differences, we are all working together.

I understand that you feel your thoughts have not been paid enough attention in the past, and I sympathize with that. Please take some time to think and consider your approach. We can continue, if it is in a spirit of cooperation.

不要表現得像個中國網路言論審查員,這裏沒有人在互相攻擊。 若果你真的想建立一個歡迎交流的、包容的bbs,請收起你的評判並保持中立。

Don't act like a Chinese internet speech censor; no one here is attacking anyone. If you really want to build a welcoming, inclusive bbs for exchange, please put away your judgement and remain neutral.

RPRX commented 1 year ago

@wkrp 查看以下发言:

@beavailable

我觉得你和大多数中国人一样,总是认为当前的专制政权还是在为人民服务的,即使推出 GFW 也为了屏蔽所谓“不良信息”而不想影响人民搞经济、搞科研、写代码。 我已经不想反驳这种观点了,因为我知道,再多的证据都改变不了你们的阿Q思想。

你不能仅仅因为自己说了有人提供信息就让别人相信你吧,具体是什么信息也不说,这和统治者捏造“境外势力”有什么区别?

这是什么消息,你新造的谣吗?消息来源呢?证据呢?

@UjuiUjuMandan

这是为了推广自己的REALITY的最新广告吗?

按照你的说法,GFW也是能从Socks5看到使用者访问的网站的,但是就故意不封,监视并默默记录,好可怕哦。

@klzgrad

这个文章的主要问题还不是猜想有漏洞,而是把弱证据和猜想以确凿事实的口吻宣传出来,并且以FUD的形式贬低其他方案,进行自我宣传。这不是一种进行技术研究的正确姿态。

Respectful?


@wkrp View the following statements:

@beavailable

I think you, like most Chinese people, always believe that the current authoritarian regime is still serving the people, and that even the GFW was launched only to block so-called "bad information" without affecting the people's economy, research and coding. I no longer want to refute this view, because I know that no amount of evidence can change your Ah Q mentality.

You can't make people believe you just because you say someone provided information, without saying what that information actually is; what is the difference between this and the rulers fabricating "foreign forces"?

What kind of news is this, a new rumor you made up? Where is the source? Where is the evidence?

@UjuiUjuMandan

Is this the latest advertisement to promote your own REALITY?

By your logic, the GFW can also see the websites users visit over Socks5, but deliberately doesn't block them, just monitors and silently records them. How scary.

@klzgrad

The main problem with this article is not that the conjecture is flawed, but rather that it promotes weak evidence and conjecture in the tone of hard facts, and self-promotes by disparaging other options in the form of FUD. This is not a proper posture for conducting technical research.

Respectful?

ghost commented 1 year ago

推测一下“省墙”的意义:

是否见过以下常见言论:

“shadowsocks 用了 n 年,一点事没有。”

“求助,我的 REALLY 怎么被秒封?”

“没有任何证据表明 xx 功能有用,相反,___”

即其实都是省墙在作祟。

解决方法:心平气和,不与人争。

解决方法:不透露自己正在使用的协议。


Speculating on the meaning of "provincial walls":

Have you seen the following common statements:

"I've been using shadowsocks for n years and nothing has happened."

"Help, how come my REALLY gets blocked in seconds?"

"There is no evidence that the xx feature works, on the contrary, ____"

That is, it is actually the provincial walls at work.

Solution: be calm and do not argue with others.

Solution: Do not disclose the protocol you are using.

RPRX commented 1 year ago

@naverMeet 我猜你说的“省墙”指的是“各地的墙”,严格来说应该叫“城市墙”,即每个城市都有,这是同一个“内鬼”透露出的信息。 这也是合理的做法,把一些任务分散到各地可以分散压力、方便采用不同的策略,还可以抓到“境内中转”的翻墙流量。

关于 REALITY,我补充一些封锁的情况:

我觉得一些争论是有必要的,它可以有效促进技术的碰撞、发展,人类文明也是在打打杀杀、吵架的过程中发展成现在这样的。 民主国家就是天天吵架,指责对方做得不对,宣传自己才是对的,你的一举一动都有人盯着,也有各种组织呼吁推动各种事情。 上面引用的 clowwindy 不是也 FUD 说“为什么不应该用 SSL 翻墙”吗?然而 TLS 类还是流行了,在 SS 被封锁时提供了另一条路。 本来就是这样的,我看不惯你的设计,你看不惯我的说法,各自发展、相互竞争,结果就是有更多的协议出来,提供更多选择。

没有争论、表面一片和谐才是有问题的。我只是在说这件事,没有暗示什么。


@naverMeet I guess the "provincial walls" you mention refer to the "walls in each region"; strictly speaking they should be called "city walls", i.e. every city has one. This is information revealed by the same "insider". It is also a reasonable approach, since spreading some tasks across regions can spread the load, make it easier to adopt different strategies, and also catch circumvention traffic relayed domestically.

Regarding REALITY, I would like to add some blocking information:

I think some debate is necessary; it can effectively promote the collision and development of technology. Human civilization also developed into what it is now through fighting and quarreling. Democracies quarrel every day, accusing each other of doing wrong and proclaiming that they themselves are right; every move you make is watched, and all kinds of organizations call for all kinds of things. Didn't clowwindy, quoted above, also "FUD" by saying "why you shouldn't use SSL to circumvent"? Yet TLS-type protocols still became popular and provided another path when SS was blocked. That's just how it is: I dislike your design, you dislike my argument; each develops and competes with the other, and the result is more protocols and more choices.

It is the absence of argument, a superficial harmony, that would be the problem. I'm just stating this, not implying anything.

klzgrad commented 1 year ago

如果是基于数据和实证研究的技术争论,它将是建设性的,因为它是基于一种可证伪的方法论,越争论,数据越充分,事实越清楚。如果是基于道听途说和纯粹猜想的争论,与事实层面没有严格的、可重现的联系,这种争论只会在主观的领域转圈,不会得出什么有意义的结果。这篇文章证据太少,猜想太多,它的结论宣称的口径远大于它提供证据的力度。当然每个人都有权利提出自己的猜想,但是以自己缺乏证实的猜想为依据,以安全公告的形式去建议广泛的非专业读者采取特定行动,这就是经典定义的FUD了。

If it is a technical argument based on data and empirical research, it will be constructive because it is based on a falsifiable methodology, and the more it is argued, the more sufficient the data and the clearer the facts. If the argument is based on hearsay and pure conjecture, with no strict, reproducible connection to the factual level, such an argument will just spin around in the realm of subjectivity and will not yield any meaningful results. This article has too little evidence and too much conjecture, and the caliber of its conclusion claims is far greater than the strength of the evidence it provides. Of course everyone is entitled to their own conjecture, but to use one's unproven conjecture as the basis for a safety bulletin to suggest a specific course of action to a broad lay audience is the classic definition of FUD.

ghost commented 1 year ago

@RPRX 争论确实是有必要的,是我表述不清。我指的应该是 “撕逼”。

The debate is indeed necessary, it was my poor phrasing. I should have been referring to "having a cat fight".

ghost commented 1 year ago

发现一个有意思的现象,部分反审查社区的成员对审查机器的认知是静止的。

到今天,中国已经是世界前列的网络大国,必然有一套大的系统存在,这套系统一定涵盖了GFW,是中国国家战略的一部分。如果我们对墙的认知只停留在10年前,明显不合理。

激进的抗审查方案相当有必要,这意味着有必要基于猜想开发新的方案,不然只会受制于对手。


It is interesting to observe that some members of the anti-censorship community have a static perception of the censorship machine.

Today, China is already one of the world's leading internet powers, so there must be a large system in place, one that certainly covers the GFW and is part of China's national strategy. It is obviously unreasonable if our understanding of the wall remains stuck ten years in the past.

Radical anti-censorship solutions are quite necessary, which means it is necessary to develop new solutions based on conjecture; otherwise we will only be constrained by the adversary.

TXIuTnVsbA commented 1 year ago

你这研究的也太深了吧= = 我翻出去= =只是为了看点好康的= = 不过说真的,当时不是有一波封了tls用来代理的服务器吗?我用了很久都没事(毕竟我只是拿来看些好康的)。 直到某一天(大概是4月份左右吧),tiktok出事了之后,我下载了tiktok,用这个服务器去刷视频(傻逼tiktok给我推了关于政治的东西,我去你大爷我只是过来看美腿的,给某些视频和直播恶心到了),没想到第二天,服务器443端口就被阻断了。 很巧合的是我tiktok账号也被封了,单单看视频都被封了。 所以我猜测,人家其实估计不会突然间封掉你,可能会拿着你的数据包进行分析。


Your research goes way too deep = = I only climb over the wall = = to watch some nice stuff = = But seriously, wasn't there a wave of blocking TLS-based proxy servers back then? I used mine for a long time with no problem (after all, I only used it to watch some nice stuff). Until one day (around April), after the TikTok incident, I downloaded TikTok and used this server to scroll videos (stupid TikTok pushed political stuff at me; damn it, I just came to look at legs, and some videos and livestreams disgusted me). Unexpectedly, the next day port 443 on the server was blocked. Coincidentally, my TikTok account was also banned, just for watching videos. So my guess is that they probably won't block you suddenly; they may take your packets for analysis.

RPRX commented 1 year ago

如果是基于数据和实证研究的技术争论,它将是建设性的,因为它是基于一种可证伪的方法论,越争论,数据越充分,事实越清楚。如果是基于道听途说和纯粹猜想的争论,与事实层面没有严格的、可重现的联系,这种争论只会在主观的领域转圈,不会得出什么有意义的结果。这篇文章证据太少,猜想太多,它的结论宣称的口径远大于它提供证据的力度。当然每个人都有权利提出自己的猜想,但是以自己缺乏证实的猜想为依据,以安全公告的形式去建议广泛的非专业读者采取特定行动,这就是经典定义的FUD了。

“道听途说”指的是“没有根据的传闻”,然而我的信息来源是多名身处 SNI 白名单地区的用户现身说法,请问这不属于“事实”吗?

“降级攻击”是我“符合逻辑的推导”,而不是“纯粹猜想”。我说了,基于这样矛盾的情况,我只能认为它是“降级攻击”。当然你可以有其它的看法,但是我指出了你的看法“并没有考虑到现实情况”,不是吗?你有给出其它看法吗?为什么顾左右而言他呢? 不过这个问题最关键的是,归根结底我们没办法找来一个内部人士让他承认“啊,对,我们就是想降级攻击”。

“解密流量”是一样的,首先手机这种设备本来就非常不安全,其次解密是离线进行的,这也只能找内部人士来承认。 但让我们看看以下这些事情:

  1. 国密双证书体系,它能这么设计,说明它有这个需求
  2. 拼多多,啥都干了,证据确凿,中国都没锤它
  3. GFW 本来就有“监控”的前科,上面已经说了一堆细节,当时内部群有很多开发者都知道,但 @klzgrad 似乎不用 tg
  4. 今年三月份我发现浏览器某知名插件实时、明文上传你在访问的 URL(尚未公开,如果你们想知道,我可以提前公开)
  5. 还有我们都知道的,购物 APP 的“口令”,也是基于上传你的剪贴板来实现的,APP 上传剪贴板、输入法云词库,这些都是常规操作了,当然它们经常会收到些不该收到的东西,至于有没有看,即使他们说没有,微信还说它不存聊天记录呢,你信吗?

对岸也没差,什么棱镜门啊,什么 NIST 啊,近期又曝出什么窃听盟友通信啊,什么利用 0day 漏洞给中国的大学植入木马啊。 这种事情列举不完的,大家都在这么干,塞后门,找漏洞,不吭声,为己所用,各国都养了一大堆人天天就是在研究这些事情。

正好这两天安卓设备又曝出一个漏洞,暴力破解指纹,像这样的攻击一直都有很多人在尝试、研究。

所以为什么会有人觉得现在这么明显的一个机制漏洞不会有人想利用啊? Shadowsocks 流加密不是也有人研究重定向解密吗?

TLSv1.3 只留 FS,不就是防止有人先记录流量后解密吗?TLS 本来就是比 SS 这类更安全,当然把 CA 扔了更好。 像这种安全威胁,当它被实锤确实被利用时就已经晚了,大家不都是想到了就要消除、扼杀在萌芽吗?这才是正路。


If it is a technical argument based on data and empirical research, it will be constructive because it is based on a falsifiable methodology, and the more it is argued, the more sufficient the data and the clearer the facts. If the argument is based on hearsay and pure conjecture, with no strict, reproducible connection to the factual level, such an argument will just spin around in the realm of subjectivity and will not yield any meaningful results. This article has too little evidence and too much conjecture, and the caliber of its conclusion claims is far greater than the strength of the evidence it provides. Of course everyone is entitled to their own conjecture, but to use one's unproven conjecture as the basis for a safety bulletin to suggest a specific course of action to a broad lay audience is the classic definition of FUD.

"Hearsay" means "unsubstantiated rumors". However, my information comes from multiple users in SNI-whitelisted areas speaking from their own experience; is that not a "fact"?

The "downgrade attack" is my "logical deduction", not "pure conjecture". As I said, based on such contradictory circumstances, I can only consider it a "downgrade attack". Of course you can have other opinions, but I pointed out that your opinion "doesn't take into account the reality of the situation", didn't I? Did you give an alternative view? Why are you avoiding the topic? But the bottom line of this issue is that ultimately we can't find an insider and get him to admit "ah yes, we are carrying out a downgrade attack".

It's the same with "decrypting traffic". First, phones are very insecure devices to begin with; second, decryption is done offline, so this too could only be confirmed by an insider. But let's look at the following things:

  1. The national cryptographic (国密) dual-certificate system: that it could be designed this way shows there is a need for it
  2. Pinduoduo did everything imaginable, with conclusive evidence, and China still hasn't hammered it
  3. The GFW already has a record of "monitoring"; a bunch of details were given above, and many developers in the internal group knew about it at the time, but @klzgrad doesn't seem to use tg
  4. In March this year I found that a well-known browser extension uploads the URL you are visiting in real time and in plaintext (not yet public; if you want to know, I can disclose it early)
  5. And as we all know, the "codes" (口令) used by shopping apps are also implemented by uploading your clipboard. Apps uploading the clipboard and input methods uploading cloud dictionaries are routine operations; of course they often receive things they shouldn't. As for whether anyone looks, even if they say no, WeChat also says it doesn't store chat records. Do you believe that?

The other side is no different: PRISM, NIST, the recently exposed eavesdropping on allies' communications, and the use of 0-day vulnerabilities to plant trojans in Chinese universities. The list of such things is endless; everyone does this, planting backdoors, finding vulnerabilities, keeping quiet and using them for their own purposes, and every country keeps a large number of people whose daily job is to study these things.

It just so happens that in the past two days another vulnerability in Android devices was exposed, brute-forcing fingerprints; attacks like this are constantly being attempted and researched by many people.

So why would anyone think that such an obvious flaw in a mechanism wouldn't be exploited? Hasn't someone also researched redirect decryption of Shadowsocks stream ciphers?

Doesn't TLSv1.3 keep only FS precisely to prevent someone from recording traffic first and decrypting it later? TLS is inherently more secure than SS-type protocols, and of course it is even better to throw out the CA. With a security threat like this, by the time it is conclusively confirmed to have been exploited it is already too late; don't we all want to eliminate it and nip it in the bud as soon as we think of it? That is the right way.

Lather0519 commented 1 year ago

簡中圈沒有辯論環境不是空穴來風,畢竟在那邊聚在一齊評論某件事甚至某個人都是大逆不道要被請去喝茶的非法聚衆行爲。 可以說牆內和剛剛學會翻牆出來看世界的網民沒有基本的討論認知和手法,遇到不同的理論就是開撕、扣帽子。 最搞笑的是被撕的正常人RPRX只要有一點反擊就會被要求“冷靜”。 爲了能夠確實獲取想要的知識,網路上還是裝繁中或英文使用者吧。

It is not a baseless claim that there is no debating environment in simplified Chinese circles; after all, over there, gathering to comment on something or even someone is treasonous, illegal assembly that gets you invited to tea. It can be said that netizens inside the wall, and those who have only just learned to climb over it to see the world, lack the basic awareness and methods of discussion: when they encounter a different theory they just start fighting and labelling. The funniest thing is that RPRX, the normal person being attacked, is told to "calm down" as soon as he pushes back even a little. To actually obtain the knowledge you want, it's better to pose as a traditional Chinese or English user online.

nametoolong commented 1 year ago

可以說牆內和剛剛學會翻牆出來看世界的網民沒有基本的討論認知和手法,遇到不同的理論就是開撕、扣帽子。

All people involved here have at least some participation in the anti-censorship community. RPRX calls them 'people who are not regularly involved in anti-censorship who feel they know more than the active members of the anti-censorship community'. Keep in mind that we have been intentionally ignoring those who believe this thread is an REALITY ad (true laymen). Do not feed the trolls.

最搞笑的是被撕的正常人~RPRX~只要有一點反擊就會被要求“冷靜”。

Off-topic, but this reminds me of how Trump claims media are suppressing his voice. He is not silenced. It is just this forum serves a rather different purpose: to gather data and to discuss designs. What is being discussed here is a hypothesis. It is very likely correct, but we'd better focus on validating and informing end users, instead of turning this into another SS vs SSR debate.

The other concern is whether RPRX is exaggerating the issue, which is why people are asked to calm down. In my very own point of view, people have divergent threat models from the beginning, hence the removal of VLess and XTLS in V2Fly and the massive refactoring in Xray, with license issues only accelerating the process.

Back to the topic, if we switch to proper TLS proxies immediately in SNI-whitelisted areas, how can we ensure the GFW will not take more stringent means to detect TLS impersonation (this is not impossible, but we generally assume such detection is too costly for the GFW)? This stems from the earliest discussion between some of the participants here: continue with protocol polymorphism or move on to TLS tunneling in entirety? You can also get away with a slightly obfuscated OpenVPN in Quanzhou. RPRX's point is that detecting look-like-nothing is much easier than detecting TLS steganography, so there must be a conspiracy against users in Quanzhou to enforce them to use look-like-nothing protocols, which are largely lacking in forward secrecy. My (dangerously unethical) two cents from the polymorphism camp: let's encourage users to use look-like-nothing protocols. If one does not care about security, the best experience is achieved; if one cares about security, the protocol-layering mess interferes with automatic decryption systems and hence acts as a DoS attack on the censor.

It is just... If look-like-nothing is not blocked, why not leverage it to the largest extent?

Lather0519 commented 1 year ago

依然是題外話:我不清楚你是如何看懂中文的,如果你真的知道如何理解中文,那麼應該會很清楚的認識到,上面的一些人是故意扮演成或本來就是無所畏懼的白癡,用非常低水平的問題來激怒RPRX。

對於GFW,因爲是中共在領導中國做這種事,所以任何大膽的猜測都不是過度誇大,這是非常有可能的。如果你在中國生活過一段時間你會更加清楚中共是什麼。

Still off topic: I'm not sure how you read Chinese, but if you really know how to understand it, then it should be very clear to you that some of the people above are deliberately playing, or simply are, fearless idiots, using very low-level questions to provoke RPRX.

In the case of the GFW, since it is the CCP leading China in this kind of thing, no bold speculation is an overstatement; it is very possible. If you have lived in China for a while you will have a better idea of what the CCP is.

RPRX commented 1 year ago

前段时间我们收到了两例“xx公安提醒youtube”的报告:https://github.com/XTLS/Xray-core/discussions/2211#discussioncomment-6183390

报告者 @reply2future 使用的是裸 VMess 协议,且手机上有节点信息(但我觉得他大概率是“漏流量”了),另一位使用的协议未知

不过“漏流量”的话,应该有很多人会漏,命中反诈系统黑名单,应该会有很多报告,但却没有,这是比较奇怪的地方

Telegram 上的讨论:https://t.me/projectXtls/100 和 https://t.me/xhqcankao/5022 (需要打开 Telegram 客户端才能看到讨论区)

目前有很多猜想,尚无定论,但这些报告表明监控确实存在,且力度日益增强,而手机、反诈已经是重要载体,现实就是这么残酷


Some time ago we received two reports of "xx public security alert about YouTube": https://github.com/XTLS/Xray-core/discussions/2211#discussioncomment-6183390

The reporter @reply2future was using the bare VMess protocol and had node information on his phone (but I think he most likely "leaked traffic"); the protocol used by the other person is unknown

However, if it were "leaked traffic", many people would be leaking it and hitting the anti-fraud system's blacklist, so there should be many reports, but there are none, which is rather strange

Discussions on Telegram: https://t.me/projectXtls/100 and https://t.me/xhqcankao/5022 (you need to open the Telegram client to see the discussion area)

There is currently a lot of speculation and nothing conclusive, but these reports show that surveillance does exist and is growing stronger, and that phones and anti-fraud apps are already important vehicles for it; reality is just that harsh