Roskomnadzor Steps Up Internet Restrictions in Russia
Roskomnadzor has launched a new offensive against banned online resources using Technical Threat Counteraction Tools (TSPU) installed at major internet providers. This time, their actions are much more sophisticated, and it seems that previous conclusions about authorities learning to restrict access to “subversive” information without affecting unrelated sites were premature.
Recently, a user from the Southern Urals reported that the local provider, Rostelecom, blocked the BitTorrent file-sharing protocol for home internet subscribers. Nothing about this appeared in the official registry of banned sites, but connecting to the DHT network became impossible.
“Torrent tracker announcers are also blocked, even those not listed by Roskomnadzor (for example, those used by various GNU/Linux distributions),” the user said. “Tech support gives the standard answer: ‘Torrents are piracy, and piracy is banned.’ They don’t care that BitTorrent is used to distribute ISO images of almost all GNU/Linux distributions and Blizzard game updates.” This was confirmed by users on the OpenNet forum.
DHT (Distributed Hash Table) is a decentralized hash table used in BitTorrent networks to find peers without trackers and to operate magnet links. “Currently, no magnet link will work unless it directly specifies the URL of a torrent tracker not blocked in Russia, because there’s no connection to DHT servers,” the user explained.
“The DHT network itself doesn’t violate any laws and isn’t currently banned by Roskomnadzor or other government agencies,” he added. “Rostelecom’s (and now TTK’s) tech support has been trying for three days to come up with an excuse for this block, though they haven’t officially confirmed it.”
Vadim Misbakh-Solovyov, a technical expert at RosKomSvoboda, explained: “DHT (Decentralized Hash Table) refers to networks without specific nodes, where participants communicate in a mesh-like way. Torrent clients use DHT to find content by file/distribution hash without trackers. But in the context of torrents, it’s a parallel entity: most people use torrent trackers, which have a central server coordinating clients and tracking ratings. Blocking one doesn’t affect the other.”
He added, “DHT isn’t unique to torrents. It’s also used in IPFS (InterPlanetary File System) and the Tox messenger. These systems operate through such networks.”
Widespread Service Disruptions Linked to New Blocking Methods
Around the same time, users of the FlashScore football streaming service on VKontakte reported problems accessing the app through certain providers. Similar issues were experienced by players of World of Tanks and World of WarShips, as well as users of Twitch and Avito.
According to Kommersant, the creators of World of WarShips linked access problems to the blocking of VPN services in Russia using DPI (Deep Packet Inspection) equipment. Their statement said, “During VPN service blocks, many UDP ports were affected, including those used in our game since the first alpha test. This affected not only major backbone providers but also many local ones across Russia.”
Roskomnadzor denied these accusations, stating that “the specified UDP ports were not blocked during VPN blocking activities.” FlashScore told Kommersant they did not know the cause of the outages.
Sources at the “big four” operators believe the problems are due to TSPU equipment installed by Roskomnadzor under the “autonomous Runet” law. According to VimpelCom, operator equipment is functioning normally, and no recent failures have been recorded. “But third-party technical means are installed on the network by law, and we do not control their activities. They could potentially affect traffic,” VimpelCom said, referring to the “sovereign Runet” law (90-FZ), which requires operators to install such devices.
Access issues were also observed by wired operators. “Marta,” operating in the Pskov region, confirmed: “The problems our subscribers faced are apparently related to Roskomnadzor’s attempts to block some VPN services using TSPU. This explains why difficulties arose only on some providers’ networks, and why providers themselves were unaware, since TSPU is a ‘black box’ for us.”
Legal Ambiguity and Expanding Powers
Philipp Kulin, creator of “Escher II,” commented on the gaming platform disruptions, recalling the broad interpretation of regulations from the 90-FZ law of 2019 to subordinate acts: “Plus, all were adopted with violations. The repressive norm ‘anything our left heel and mistress find unpleasant is a threat, and fighting threats gives us extraordinary powers’ doesn’t reflect even the spirit of the draconian sovereign Runet law. Is it legal? Yes. Does it have a legal basis? No, unless we mean legal sophistry. The sovereign Runet is predictably becoming a souvenir.”
Vadim Losev, a security specialist at RosKomSvoboda, recalled, “When Telegram was blocked in 2018, access to many services broke as well. Viber, airline registration services, OSAGO insurance sales, university sites, and many others suffered. It seems the same is happening now.”
DNS and Protocol Blocking Intensifies
At the same time as gaming services went down, public DNS blocking in Russia was reported:
- https://dns.google
- https://1.1.1.1
- https://doh.opendns.com
“About 75% availability across the country,” said Mikhail Klimarev, executive director of the Internet Protection Society (OZI). “They’re blocking the entire WireGuard protocol. You can fix it by changing the port, but the main thing is: all these blocks are now completely non-transparent. Even if something is blocked, we won’t know from official sources. They’ll just block it. It’s clear that a ‘digital blockade’ in a country of 146 million is impossible, but the entire Russian internet is working much worse now. And it will get even worse.”
Many experts and opposition politicians believe Roskomnadzor’s current actions are linked to attempts to block “Smart Voting,” created by Alexei Navalny’s team. Recently, Roskomnadzor asked major app stores to remove the app, equating access attempts to election interference.
Klimarev is convinced that during the State Duma elections, even more extensive blocks are coming: “I give a 95% chance that YouTube will be blocked from September 15-19. The ruling party is so afraid, they won’t stop at anything. Blocking YouTube could have catastrophic consequences. I really don’t know how this will end, but it feels like the country is going to hell.”
“It’s important to understand that, yes, on 70% of networks, a ‘protocol holocaust’ can be arranged. But on 30%—it can’t. The solution is simple: switch from operators with TSPU to those without it,” he concluded.
“Misha isn’t entirely right,” Kulin countered. “He forgot that the hastily adopted ‘free Internet’ law actually exempts small operators from TSPU, but legalizes TSPU on transit. So, ‘not using this list of operators’ ultimately won’t help. Another issue is that it’s too early to consider all transit ‘covered’ for now. But that’s the real prospect.”
Pre-Election Crackdown and New Protocol Tests
Recently, it was reported that ahead of the State Duma elections, Roskomnadzor sent notices to VPN service providers demanding they block access to the “Smart Voting” website and app. The agency emphasized that “Smart Voting” is banned under Russian law, and that 10 foreign companies provide VPN services that allow illegal access to the resource.
Roskomnadzor also warned that in September it would test blocking several foreign internet protocols that hide site names, including DoH, which is being implemented by Mozilla and Google. Cloudflare was also mentioned. These protocols can make it harder to block access to banned resources. To maintain network functionality, the agency recommended switching to the National Domain Name System (NSDI), giving providers until September 9. Experts say blocking modern encryption protocols will reduce privacy and security in the Russian internet, and may restrict access to popular resources like Firefox.
The agency did not directly announce the protocol blocking tests, but such letters are usually sent to state agencies shortly before such actions, according to Kommersant. Navalny’s team reported that such blocking occurred on September 8 from 9:00 to 10:00 PM at several major providers using TSPU equipment.
Ivan Zhdanov, an activist from Navalny’s team, said Roskomnadzor repeated Klimarev’s claim about testing Google and Cloudflare public DNS services at major telecom operators, “taking down half the internet at once.” He believes this is due to opposition apps resisting blocks.
The GlobalCheck project, founded by IT expert Vladislav Zdolnikov, also recorded the blocking of Google and Cloudflare DNS services. Zdolnikov is convinced these blocks are part of the fight against the “Navalny” app, which includes “Smart Voting.” GlobalCheck confirmed that Google’s DNS service is available under several names, but only the one used by the Navalny app—dns.google—was blocked. “The brief block was needed to assess the damage to other resources—DoH resolvers are used by various services and devices that are not planned to be blocked,” GlobalCheck concluded.
Zdolnikov called the authorities’ actions an attempt to “break the internet”: “What does a vandal-psychopath do when he picks up a big club? Right, he starts smashing everything around. That’s exactly what Roskomnadzor did when they realized they had installed TSPU (state DPI) on a significant portion of internet traffic.”
He compared the blocking of the WireGuard VPN protocol, DHT, and DoH resolvers from Google and Cloudflare to acts of vandalism, since “ordinary internet users who use DoH for secure DNS queries suffered.”
“They won’t take down the entire internet,” said Vadim Misbakh-Solovyov, “but the current blocks are already significantly degrading the Russian internet. Authorities are unlikely to block YouTube, as that could provoke major public outrage, so for now they’re blocking what’s used by relatively small groups.”
Vadim also noted that many third-party platforms suffered because they use Google and Cloudflare DNS services: “For example, some providers set 8.8.8.8 as the source for cache data. And blocking WireGuard is a direct result of many mass-market VPN services starting to use it. If these services had continued using OpenVPN or proprietary solutions, Roskomnadzor would never have noticed WireGuard.”