Existing censorship-resistant systems share a fundamental vulnerability: they require the user to know a finite set of entry points (bridge addresses, rendezvous points, or ISP-level collaborators) that a censor can enumerate by impersonating a legitimate user. China has blocked the majority of Tor bridges since 2010 and Iran blocked all encrypted traffic in 2012, demonstrating this attack is operationally deployed at scale.

Over 72 days, the authors observed 814,667,299 blog posts (average 11,314,823/day; peak 13,083,878/day). To blacklist all potential MIAB drop points, a censor would need to block 33,361,754 FQDNs (5% of all web servers per Netcraft) or 1,803,345 second-level domains (1.4% of global domain registrations); even a fully-maintained static blacklist retains an 11–12% daily miss ratio as new blogs appear.

§5.1, Figure 4 evaluation

MIAB reduces the bootstrap requirement to only the operator's public key — no pre-shared rendezvous point is needed — by using blog pings as a real-time broadcast discovery channel. Since every blog post on the Internet is a potential drop point, the censor cannot enumerate entry points by posing as a legitimate user, unlike Collage (requires an up-to-date task database) or Telex (requires ISP collaboration).

§3 defense

A single modern machine with a fast domestic Internet connection can process the full blog-ping stream within the 5-minute ping-server release interval: steganographic extraction takes 2m:51s, RSA decryption 2m:35s, and image fetching 4m:17s (parallelizable with extraction), completing under 5 minutes at under 90% CPU. A single machine accommodates 15–20 million posts per day; serving Iran's entire population blogging daily would require only five machines.

§5.1 evaluation

All trained ML classifiers (K-NN, Naive Bayes, ANN, SVM, vote ensemble) performed at near-chance levels when distinguishing RSA-encrypted stego messages from clean photos — best precision 52.05%, best meaningful recall 61.52% (K-NN on clean class). The authors attribute this to embedding only a few hundred bytes into cover photos hundreds of KB in size, with natural image entropy in noisy pixel regions being empirically indistinguishable from RSA-ciphertext statistics.

§5.1, Table 1 defense

InterSecLab's 76-page analysis of the Geedge/MESA leak (based on nine months of indexing and translating >100,000 documents) characterizes the Tiangou Secure Gateway (TSG) product line as a commercially deployable detection stack that combines deep packet inspection, real-time mobile subscriber monitoring, active probing, ML-based traffic classifiers, and granular per-region rule sets. TSG is not a research prototype — leaked documentation includes deployment timelines and client government interactions for Kazakhstan, Ethiopia, Pakistan, Myanmar, and one unnamed country, with censorship rules explicitly tailored to each region.

2025-interseclab-internet-coup §3–§5 (InterSecLab report) dpiactive-probingml-classifiersni-blockingip-blockingtraffic-shapefully-encrypted-detect

Justice for Myanmar documents that Geedge Networks supplied Myanmar's military junta with GFW-derived surveillance and censorship infrastructure under Belt and Road frameworks following the February 2021 coup. The deployed system (Tiangou Secure Gateway / TSG) incorporates the same DPI, active-probing, and ML-classifier capabilities as the domestic Chinese GFW, giving Myanmar one of the most technically capable censorship systems in Southeast Asia.

2025-jfm-silk-road-surveillance §3, §5 dpisni-blockingip-blockingtraffic-shapeml-classifieractive-probing

Snowflake's sustained operation in heavily censored regions demonstrates that WebRTC must remain accessible to users, which in turn requires that TURN servers remain unblocked to support NAT traversal for peer-to-peer WebRTC connections. This transitive unblockability makes TURN service providers viable rendezvous channels for the Bridge Distribution Problem.

2025-vilalonga-extended §3.2 Bridge Distribution Problem ip-blockingactive-probing

TURN servers used by major applications such as Facebook Messenger for media relay are hypothesized to be less likely blocked in censored regions due to collateral damage to legitimate WebRTC traffic. Providers like Cloudflare, Metered Video, and ExpressTURN supply geographically distributed TURN infrastructure that can be used without any special configuration by a censorship evasion system.

2025-vilalonga-extended §1 Introduction & Background dpiactive-probingip-blocking

Traffic splitting across N TURN proxies (1 ≤ N ≤ M) is hypothesized to resist active probing because each TURN server responds to probing requests identically to a regular TURN server, providing no distinguishing signal. Additionally, proxy ephemerality combined with splitting allows on-the-fly migration to new proxies when existing ones are blocked, maintaining connectivity even under partial blocking.

2025-vilalonga-extended §3.3 Censorship Evasion active-probingip-blockingdpi

The paper defines Unauthenticated Push (UP) channels as a distinct archetype from signaling/rendezvous channels, characterized by three properties: strictly unidirectional delivery, no client authentication or account association required, and higher bandwidth (kilobytes to megabytes) to support software updates rather than just minimal proxy-address exchanges. This design deliberately shifts operational-security burden onto senders to approach receiver anonymity.

2025-vines-extended §1–§3 ip-blockingactive-probing