When you are living or staying in a restrictive country where personal rights are usually getting scrapped away, you will most likely have a problem when trying to access certain websites on the internet. Most of the time, the restrictive countries are enforcing their internet laws to their citizens, forcing them to follow the guidelines as laid out by the government.
The government will totally control the people’s behavior over the internet by using the technology that won’t allow them to exercise their online privacy rights or personal freedom on the internet. One of the methods used by the restrictive government to block your online traffic is by using a system called DPI or Deep Packet Inspection.
What the DPI system is doing is that it will analyze the internet traffic that is coming through your ISP. It will identify your traffic type and either allow the traffic to reach the internet or block it. If you are using the regular ISP traffic, the system will allow you to access the internet, while if you are using the VPN traffic, the system can recognize it and block your connection from reaching the internet. This is an advanced traffic monitoring system installed by the restrictive government to prevent people from using private connections and force them to follow the government’s internet regulations.
Background
As TrueVPN focuses on security and privacy, It’s clear that DPI is a huge issue!
When talking about privacy and security, We must consider that DPI that performed by some countries for VPN blocking or any other political reason comes against user’s privacy.
Why we consider it as a huge privacy issue?
Alright, to answer that, we need to understand how Deep Packet Inspection works.
Well, Deep packet inspection evaluates the data part and the header of a packet that is transmitted through an inspection point, weeding out any non-compliance to protocol, spam, viruses, intrusions, and any other defined criteria to block the packet from passing through the inspection point.
Deep packet inspection can examine the content of messages and identify the specific application or service it comes from. In addition, filters can be programmed to look for and reroute network traffic from a specific Internet Protocol (IP) address range or a certain online service like Facebook.
So by looking to the image above, We can see that DPI acts like MITM Attacks, So the encrypted user’s traffic has to be decrypted to read its data then re-encrypt it again and re-send the encrypted data to the CA. So we MUST consider that this is a huge issue of user’s privacy.
HOW TRUEVPN SOLVED THE ISSUE?
Ok, At TrueVPN we believe deeply in security and user privacy, Every user has rights to privacy, because we believe that privacy is a human right and it should be respected.
All human beings have three lives: public, private, and secret.
Gabriel García Márquez
For a long while, TrueVPN was trying to solve this issue and bypassing DPI without redirecting user’s traffic or missing with CA. If you do not know what is that means, So you must have a little knowledge of Networking.
TRUEVPN RESEARCH
Based on our Research, We’ve developed an AI tool to analyze the ISP’s connection policies before establishing the connection, by performing that, we can check if the ISP blocks the used VPN protocol by the user or recently performed Deep Packet Inspection or Bandwidth Throttling based on analytics data. This tool is powered by Skytells’s latest AI, and its powerful enough to analyze these policies.
Of course these tools are deployed on TrueVPN’s iOS App for version 2.5 and later.
HOW IT WORKS?
When you Enable Policy Checks on TrueVPN, The app will perform some checks before establishing the VPN connection, And try to solve any detected issues regarding the ISP or the living country if possible.
Lets give it an example, Imagine of a user named Doe, lives in country X, while country X is performing a Deep Packet Inspection targeting VPN providers to crack em down, So, When the users opens the VPN app and taps connect, Here’s what’s going to happen in the background
- User Taps or Clicks (Connect to a VPN)
- The VPN app will choose the VPN protocol if it not set by user.
- The App chooses iKEv2 or IPSec
- The app begins to connect using IKEv2 or IPSec
- The App receives connection timeout message
And here’s why, When the App tries to choose the protocol on the 2nd step, it doesn’t check if the protocol has an issue regarding VPN Blocking in the current location or not, so it may ends up with connection timeout if it fails to connect.
But, by using an analytics tools based on research such as Policy Checks Mechanisms TrueVPN will perform the following steps regarding the connection.
- User Taps or Clicks on (Connect to a VPN)
- TrueVPN performs some checks on user’s connection
- If there’s an issue regarding the connection (See Image), The app tries to solve it first.
- After solving the issue, The app will choose an obfuscated protocol
- The app begins to connect using obfuscated protocol powered with proxy tunnel
- The App receives success response from server.
So by performing that, TrueVPN will only use a custom obfuscated protocols when needed, and these protocols are empowered by proxy tunnel to prevent DPI detection, And finally the app can bypass the VPN Blocking.
POLICY CHECKS FAQs
Here are some answers related to this feature.
Is Policy Checks Feature Free?
Yes, This feature is free.
Should in use TrueVPN with Policy Checks?
If you’re living in a country cracks down VPN connectivity or recently performed DPI, You must enable this feature.
Will This Decrease or Increase Connection Speed?
Of course no, This feature are just a mechanisms, designed to perform some analytics on ISP and connection before you connect to a VPN.
Conclusion
If you live in one of the countries who have issues with VPN Providers and tries to crack them down by blocking VPN protocols or performing DPI, Then TrueVPN is your best choice, because the app can bypass that easily.