I have a question regarding VPN usage in South Korea and Saudi Arabia. I may go for short term work in either South Korea or Saudi for a few months. Does anybody have any idea, how safe it is to use a VPN as a foreigner in these countries? Worse case scenario, can I use a VPN in a Azure VM and scp torrent downloaded files or something?
How do they detect it?
Are we talking commercial VPN like Nord or Proton? What about something like Tailscale to connect to your home network?
Sure, they could block based on your VPN provider, but they’re probably also using Deep Packet Inspection .
The ELI5 verson: It’s possible to just “watch” your traffic and notice that it’s not the “normal” https traffic (which is the most common traffic) . This can be done by finger printing the request itself or just watching the amount of traffic. For example if you “visit” a website, but upload and download 3 megabytes of data and it takes 15 minutes to send/receive that data… well, that looks suspicious… and depending on the country, you may have some people knocking on your door.
VPN and any other encrypted app traffic has telltale signals. You might not be able to decode the content, but you can see who is talking to who, how often, how long, how much data, etc.
My firewall, Palo Alto, and my dns service, Cisco umbrella, has no problem identifying people using VPNs on my networks.
I wonder if someone could set up some form of tunneling through much more mundane traffic, perhaps even entirely over a legitimate encrypted service through a regular browser interface (like the browser interface for services like Discord or slack or MS Teams or FB Messenger or Zoom or Google Chat/Meet) where you can just literally chat with a bot you’ve set up, and instruct the bot to do things on its end, and then forward the results through file sending in that service. From the outside it should look like encrypted chat with a popular service over that https connection.
Things like that have existed. There are Reddit communities that are flooded with obfuscated comments that are used for communicating with bots. There’s probably one in the fediverse by now.