GitLab

Ethiopia is blocking Tor by DPIing the ServerHello TLS record. We found out that changing the ciphersuite selected (from the default TLS1_TXT_DHE_RSA_WITH_AES_256_SHA (0x0039)) bypasses the censorship.

This is a ticket to see how we can handle this issue. We should also be think about how #4744 (moved) and proposal 198 influence this.

The patch we used during tests removes 0x0039 from SERVER_CIPHER_LIST: https://gitorious.org/mytor/mytor/commit/087de5215cada3320c8494fdc97b87746b45e1cb

A good short-term plan would be to set-up a few patched bridges, update the blog post, and distribute the patched bridges to anyone who asks for them.