Network
The Russian Censorship Circumvention, Tom’s Traps, and Jerry’s VPN: A 5-Year Journey
<p>This presentation traces a five-year cat-and-mouse chase between a small VPN provider — more than 150 servers worldwide, millions of users, available on all major platforms — and the Russian state censorship machine. A real-world “Tom and Jerry” scenario where survival hinges on constant adaptation.</p>
<p>I’ll walk through the evolving technical and non-technical tactics used by Russian authorities to block VPN access for ordinary users. Every story comes from real, first-hand experience. The methods used five years ago and the methods used today are on entirely different levels; Tom keeps learning new tricks, and Jerry’s struggle to stay alive only gets harder.</p>
<p>This talk aims to be useful and insightful for network security engineers, business decision-makers, and human rights activists. Russia is not the only dictatorship experimenting with these techniques — and we expect more dictators to learn from the Russian playbook and adopt similar methods.</p>
Weitere Infos
| Live Stream | https://live.fosdem.org/watch/h1302 |
|---|---|
| Format | devroom |
| Sprache | Englisch |
Weitere Sessions
| 31.01.26 |
<p>This talk gives a rundown of various potential improvements being thought about and experimented on for the CUBIC Congestion Control implementation in Neqo, Firefox's QUIC stack. Detecting and recovering from Spurious Congestion Events -- network hiccups mistaken as congestion signal. Reacting differently to Explicit Congestion Notifications (ECN) than to packet loss. Optimizing the Slow Start exit point to avoid unnecessary loss through various heuristics.</p> <p>While many of these make ...
|
| 31.01.26 |
<p>iroh is a library to establish peer-to-peer QUIC connections assisted by relay servers. It needs to route UDP datagrams carrying QUIC payloads over relayed and holepunched network paths. While this used to be done outside of QUIC's knowledge, over the past year we have worked to adopt the QUIC multipath proposed standard so that QUIC itself is aware of multiple paths.</p> <p>This talk will cover iroh's experience of adding QUIC multipath to the Quinn library and the challenges of adopting it. ...
|
| 31.01.26 |
<p>The Web’s transport stack is changing rapidly, with QUIC, HTTP/3, and encrypted DNS seeing broad adoption. This talk gives an overview of the modern network protocols Firefox already deploys and invests in, including QUIC and HTTP/3’s growing share of Web traffic. It will highlight what Firefox actually sends on the wire today, what benefits we observe in practice, and where the Web’s protocol landscape stands in early 2026.</p> <p>The session will also offer an outlook on what’s ...
|
| 31.01.26 |
<h1>Harnessing Hardware for High-Performance Traffic Management in VPP</h1> <p><strong>Traffic Management (TM)</strong> is critical for predictable network performance. It controls packet priority, shapes transmission rates, and allocates bandwidth to meet SLAs in large-scale deployments such as ISPs, telecom networks, and data centers.</p> <p><strong>FD.io Vector Packet Processing (VPP)</strong>, a widely adopted high-performance networking stack across these environments, currently relies on ...
|
| 31.01.26 |
<p>Have you heard about HTTP Archive (HAR) files and wondered how you could leverage this data for deeper insights into your web applications? </p> <p>Imagine analyzing your page load request data as <a href="https://opentelemetry.io/">OpenTelemetry</a> traces in your favorite observability backend. This talk will explore the lessons learned from transforming HAR into an OpenTelemetry trace and streaming it to <a href="https://www.jaegertracing.io/">Jaeger</a>. Learn how to convert HAR data into ...
|
| 31.01.26 |
<p>Suricata is a high performance, open source network analysis and threat detection software used by most private and public organizations, and embedded by major vendors to protect their assets. Suricata provides network protocol, flow, alert, anomaly logs, file extraction and PCAP capture at very high speeds and provides a wide range of deployment options - IDS/IPS/FW/NSM.</p> <p>Suricata 8 is the latest stable edition that has been in development for 2 years, powered by collaborative work of ...
|
| 31.01.26 |
<p>Everyone's building MCP servers for network automation. Your agents can finally talk to each other and share context about your infrastructure. But what context are they actually sharing?</p> <p>If your agent's understanding of the network comes from vector embeddings and RAG, MCP is just helping you share incomplete topology understanding and missed policy dependencies faster. Vector similarity can't represent "which devices are upstream of this link" or "what routing policies affect this ...
|
