-
This is https://speed.gulag.link/, a speed test application that shows that the Roskomnadzor acceleration affects Russian users.
Jim Salter
-
This is the Google translated version of the gulag.link screenshot on the left.
Jim Salter
Last night, a confidential source at a Russian internet provider Ars contacted with the confirmation of the titanic error Roskomnadzor – the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media – which attempted to stifle Twitter’s link shortening service. t.co.
Our source tells us that Roskomnadzor distributes a hardware package to all Russian ISPs that need to be connected just behind the ISP’s BGP core router. The Roskomnadzor package includes an EcoFilter 4080 deep package inspection system, a pair of Russian-made 10 Gbps composite switches, and two Huawei servers. According to our source, this hardware is ‘massively overloaded’ due to the required function and their experienced traffic level – possibly because ‘the government at some point planned to intercept all the traffic there.’
At the moment, the Roskomnadzor package is doing basic filtering for the list of banned resources – and from this week, modification of DNA requests has also started. The DNA deficiency also caused problems when it was first turned on – according to our source, YouTube DNA requests were interrupted for most of a day. Roskomnadzor eventually plans for all Russian ISPs to replace the real DNA servers with their own, but the project has encountered resistance and problems.
-
From the core BGP router at this Russian ISP – north of Roskomnadzor’s system – downloads this Microsoft source in 276 ms.
Jim Salter
-
From behind Roskomnadzor’s filtering device, the same Microsoft download takes more than ten minutes to complete!
Jim Salter
The rape that Roskomnadzor applied yesterday can be better described as a tarpit. As seen in the screenshots above, this caused downloads of all affected domains to crawl only a few kilobytes per second. This makes affected domains effectively unusable, but it can also be considered an attack on the servers on those domains. Maintaining TCP / IP connections consumes memory and CPU resources on connected servers, which are often less available than raw bandwidth, and it seems likely that Roskomnadzor was hoping for a negative impact on Twitter as well as on its own citizens .
However, as reported and confirmed yesterday by our source above, the tarpit attack did not only affect Twitter t.co domain as intended – this has affected all domains included the underground t.co, for example microsoft.com and the Russian state-owned news website rt.com. As you can see from the screenshots, a sample document that was normally downloaded within a quarter of Microsoft took more than ten minutes to download behind the Roskomnadzor filtering device.
According to our source, the wrong block string was finally corrected with a proper match restriction today around four o’clock Eastern time – Twitter’s t.co is still affected as intended, but Microsoft, Russia Today and other “collateral damage” sites can be browsed at full speed again.
List by Roskomnadzor