Major Blocks via TSPU: What It Means for the Russian Internet

By Ava McKinneyOnline Safety

Major Blocks via TSPU: What Is It?

In early September, the “Smart Voting” website was blocked without affecting Google’s resources. Previously, this wasn’t possible, but now it is thanks to TSPU. Later that month, Rostelecom proposed restricting access to public DNS servers from Google and Cloudflare, as well as DoH (DNS over HTTPS) and DoT (DNS over TLS) protocols. On the night of September 15-16, Roskomnadzor blocked docs.google.com and telegra.ph through several telecom operators, without adding either to its official blacklist.

What Is TSPU?

TSPU stands for “Technical Means of Countering Threats.” In other words, it’s a new hardware-software system that allows authorities to restrict access to information prohibited in Russia.

When Did This Start?

Since September 2020, Roskomnadzor has required telecom operators to install TSPU, as part of the 2019 “Sovereign Internet” law. This allows the agency to centrally manage the Russian segment of the internet, filtering traffic using DPI technology.

What Is DPI?

DPI, or Deep Packet Inspection, is a method of analyzing the contents of data packets transmitted over the internet. While it’s impossible to read the contents of encrypted packets, metadata can reveal which websites a user visits and, in most cases, which data exchange protocol is being used.

Was This Not Used Before?

According to available information, TSPU doesn’t differ much from other DPI systems that providers have used for years. Initially, traffic was analyzed to prioritize certain types of data—for example, giving higher priority to voice messages, which are more sensitive to delays.

Later, solutions appeared for monetization (analyzing traffic to sell information or replace ads on non-HTTPS sites). In recent years, as we can see, these technologies are also being used to block content.

Does TSPU Make Blocking More “Effective”?

Yes, you could say that. Not all providers have DPI equipment, and not all who do use it for blocking. TSPU, however, is centrally managed by Roskomnadzor, which can enforce the same blocking rules across all providers.

With TSPU, authorities can not only block but also “slow down” certain services and data transfer protocols (remember the Twitter slowdown), and even carry out local “shutdowns.”

Are Blocks Now Less Transparent?

Yes. All decisions to restrict access to websites, domains, and IP addresses in Russia are supposed to be recorded in the official blacklist. The organization “Roskomsvoboda” conducts public monitoring of these blocks.

But now, blocks are being implemented outside of this registry. Everything has become more unpredictable and, to put it mildly, questionable even by the standards of the laws regulating website blocking. It’s impossible to trace which agency made the decision, on what grounds, or under what authority these blocks and slowdowns via TSPU are happening. This, of course, affects our constitutional rights to access and distribute information.

Who Manufactures TSPU Hardware?

The exact manufacturer is unknown, but experts believe it is likely “RDP.ru,” a company acquired by Rostelecom. In some cases, Israeli company Silicom’s equipment is reportedly used to connect traffic directly if there are issues with TSPU.

Can VPN Services Still Help?

VPN services use various protocols, but most were not designed to hide their use. Therefore, if someone wants to, it’s relatively easy to identify VPN protocols. Moreover, if your traffic is closely analyzed (not likely on a mass scale, but if you’re specifically targeted), a sign of VPN use could be a large amount of traffic going through a single IP address, even if it looks “innocent.”

Protocols can be improved, but mass-market VPN services aren’t very flexible in bypassing blocks: every change risks breaking something for existing users. Adding extra layers of obfuscation and masking also complicates things and can slow down traffic through provider servers.

Will Services Learn to Mask Traffic in the Future?

They probably will. Currently, the most promising solutions are Shadowsocks, OBFS4, and Cloak.

What Should Non-Technical Users Do?

Look for services that take modern realities into account (like the need to mask traffic) and are still easy to use. Such services are emerging, for example, Amnesia VPN or Censor Tracker.

What’s Next for the Russian Internet? Opinion from Roskomsvoboda’s Head, Artyom Kozlyuk

We can expect the following developments (some of which are already happening):

  • Increased costs for internet access due to telecom operators’ expenses in complying with numerous regulations.
  • Worsening connection quality (slowdowns and blocks negatively affect overall traffic).
  • Decreased connectivity and resilience of the network.
  • Increased “Balkanization” of the internet.
  • Deteriorating investment climate due to unpredictable Russian laws and their enforcement.
  • Content creators leaving Russian jurisdiction.
  • Rostelecom increasingly monopolizing the telecom services market.

Leave a Reply