Non-surprisingly, DoH https traffic has some distinct properties that makes it identifiably without decryption, at least according to a very small scale test by the ISC:

Probably would need some kind of padding or such, in both directions.

@galaxis I'm pretty sure Chinese GFW has been able to detect them for a long time. Every time I try to set up a DoH proxy myself, right after I try to send a query for the first time, my IP will be blocked for ~30 minutes. Sending any other type of traffic, even VPN traffic, would not have such effect.

Sign in to participate in the conversation
INFRa Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!