Ethiopia blocks Tor based on ServerHello
Ethiopia is blocking Tor by DPIing the ServerHello TLS record. We found out that changing the ciphersuite selected (from the default TLS1_TXT_DHE_RSA_WITH_AES_256_SHA (0x0039)) bypasses the censorship.
This is a ticket to see how we can handle this issue. We should also be think about how legacy/trac#4744 (moved) and proposal 198 influence this.
The patch we used during tests removes 0x0039 from
A good short-term plan would be to set-up a few patched bridges, update the blog post, and distribute the patched bridges to anyone who asks for them.