After the events with Telegram block in Iran and Russia, a new type of Proxy started appearing in the beta versions of the messenger, and, to be more precise, the new protocol is MTProto Proxy.
This protocol was created by the Telegram team to solve blocking problems, but is it good?
The main type of proxy with which telegrams are currently running – socks
He has a fatal flaw: Login and password when connecting to a proxy – is transmitted in clear form , no, your telegrams can not be “dragged” in this way, but look inside the proxy and understand that Ivan Ivanov uses a telegraph-you can.
In countries that use DPI to analyze traffic, it’s done. This device dismantles the tunnel and looks, that there inside, if sees the forbidden traffic – we block.
What does Durov suggest?
Pavel Durov urged users to help with the financing of VPN and proxy services, and also talked about how he himself supports their creators. As he said, he is ready to spend on it millions dollars from personal savings. Durov about “Digital Resistance” and support for VPN services
MTProto Proxy is a protocol of the MTProto family (Telegram works on it), it solves several problems:
- To connect instead of login + password, just the password
- Traffic is no different from the usual HTTPS / TLS (well, almost)
- The password is not sent to the server when it is connected
- Traffic is encrypted
- It is possible to work through a proxy only Telegram’a (other applications will not work)
- Promoted channels
As you can see, the set of features makes this type of proxy highly specialized – for Telegram, you will not be able to transfer normal traffic there and this, as it is not strange – is a huge plus.
Earlier channels (and bots) made their proxies and distributed them to the world to save the audience in case of blocking. Their proxies were included in the global proxy lists and spam and other bad things were sent through them. With a new type of proxy, you will not be able to break the law, the maximum that will happen – telegram will banish your IP address.
An example of violation of the law in the case of socks: Through your proxy tried to hack the bank / gos.domedstvo, your hoster will receive an official complaint and in the best case will simply block you, at worst – to the wolves that court.
What are Promoted channels ?Photo Habr
Promoted channels are such a channel that you will automatically subscribe to when connecting to a proxy, it will be fixed at the top of the list of contacts / chats and it can not be deleted until you disconnect from this proxy.
Roughly speaking, telegram allows you to monetize the proxy, if earlier you could take a proxy from channel X (it works faster), but do not read it at all and go read Y (and at the same time channel X spends money on supporting the proxy in emptiness), then now for using a proxy you will be paid a signature on the channel.
Thus, you can expect the explosive growth of such proxies, if earlier the creation of the proxy was more a rush of goodwill or charity, now – the more users on your proxy = the more subscribers at the channel -> advertising can be sold more expensive.
Is Traffic is encrypted ?
Running Wireshark, I went to see how traffic looks when working through a proxy. And it looks like a normal TCP / SSL connection (without some packages / headers that relate to https) . In other words, traffic can be masked by solutions such as Cisco Anyconnect and similar solutions that use TCP + SSL.
Inside the tunnel – “porridge” of encrypted traffic, traffic is encrypted, as you might guess, by the same password / secret phrase that you enter when you connect. But not only it, of course, all the features of SSL / TLS are used here.
When will it be in production ?
At the moment, MTProto Proxy is available in the stable version of Telegram for OS X, Telegram or Android, and in beta versions of Telegram Desktop, iOS Telegram X.
It looks like we are waiting for the release in the “production” of this proxy in Desktop clients and the usual iOS version (not X) right after that, we should see a new post from the team with a story about why it’s good and how to live on.
And where to test ?
In the vastness of the chat rooms, a semi-official proxy was found in the telegrams, which works fine with the new protocol and (seemingly) is launched by one of the developers, here it is: t.me/proxy?server=proxy.digitalresistance.dog&port=443&secret=d41d8cd98f00b204e9800998ecf8427e
But this not all, enthusiasts on Github by the source analysis method are trying to make their proxy server (yet official yet), here are a couple of projects.
How to config MTProto here is complete configuration
PS And in the most recent version of the library for VOIP calls that is used in telegram support for the conference mode is found, it seems that soon there will be two big announcements at once. Is Telegram safe? Or how I was looking for a bookmark in MTProto. and How to use Telegram after blocking, if I’m a humanist here are Configuring your own VPN server in two clicks . if you are interested in cheap way to create a proxy server for Telegram .