Before posting, I've already read these suggested links: meek-client .. pluggable transports so my question is not duplicate. Rather it is an extension to that question. Meek client hides your ToR traffic from your ISP but it's working is quite complicated. in short it works like this How meek works In this picture you can see that Intermediate fronted server is decrypting the packet and forwarding the forbidden.example-> which is meek server itself. I understand ISP can't do this as it is encrypted request but the fronted server can easily block this "not allowed" domain because it knows that the request is made for meek server. Why the Content Delivery Network Fronted server is not blocking client request for connecting to meek server?? Either fronted server is not intentionally blocking it or it doesn't know that the forbidden.example request is actually a meek server. How it actually works?
Asked
Active
Viewed 2,056 times
1 Answers
0
You've got it right: All the pluggable transports can be potentially messed up if set up by an untrusted party, so be careful who you're trusting to. The idea of Meek client is to be a regular HTTPS client, the basic and unspecific, so the probability of DPI detection is degraded greatly. The graph you've referred shows precisely how it works: the client part is just a client for HTTPS queries. That's it
Alexey Vesnin
- 6,385
- 3
- 15
- 36