Telegram
Musixa in Project X
they have millions of customers, people use CDN for many different purposes
they can't just ban someone because of transferring encrypted random data
they can't just ban someone because of transferring encrypted random data
在 TLS 内再加密一层本身就不常见,除非你要对 CDN 隐瞒些什么,一你加密成全随机数,二它的流量相较于正常 HTTP 占比过高,就足够封你了,更别说 Xray 是开源的,失去了 TLS 的保护总能找到针对方法
总之,CDN 期待的是你传输正常 HTTP 网站流量,而不是一堆全随机数
总之,CDN 期待的是你传输正常 HTTP 网站流量,而不是一堆全随机数
👍28⚡2
Telegram
Musixa in Project X
They support websocket and grpc, are they for normal HTTP? no, they support many different things and high traffic encrypted traffic is not enough for them to block some users
they even added MQTT support i guess, these are not for regular HTTP traffic
keeping…
they even added MQTT support i guess, these are not for regular HTTP traffic
keeping…
?XHTTP 用的就是 normal HTTP,不然怎么穿透众多 CDN
😁8
Telegram
Musixa in Project X
isn't stream-up and packet-up grpc or events?
it was not my reason anyway, i mean even in HTTP form, there is a lot of applications that transters encrypted data like APIs or specific applications
it was not my reason anyway, i mean even in HTTP form, there is a lot of applications that transters encrypted data like APIs or specific applications
XHTTP 的 gRPC 和 SSE 只是 fake header,数据并不遵循它们的格式
我知道你的意思,我’想说,CDN 总能找到你的特征,不限于全随机数
我知道你的意思,我’想说,CDN 总能找到你的特征,不限于全随机数
👍13
Telegram
ちおれい in Project X
这确实有点与在明文 HTTP 被作为证据指控当事人所以现在先强制 HTTPS的倾向有些违背,强制HTTPS和能删减x_padding都是出于先发制人的想法,既然不能删掉 x_padding 那么能不能提供方式修改该头呢
这两个并不是一回事,威胁模型完全不同,甚至 CDN 不一定算是威胁
👍7😁1👀1
Telegram
ちおれい in Project X
CF一天能被伊朗人的翻墙流量拉上百TB
现在的问题其实是ITC已经对CF方向没有白名单的域名严重限速了
所以他们担心CF因为padding头封他们号的担忧不是空穴来风
现在的问题其实是ITC已经对CF方向没有白名单的域名严重限速了
所以他们担心CF因为padding头封他们号的担忧不是空穴来风
我的意思是真确认了 x_padding 会导致被封的话再改、开放自定义之类的,提前改的话想封还能从其它角度封,所以提前改没有意义
这个只能是 CDN 封什么就改什么
不过我倾向于先给 VLESS 出个加密,以对 CDN 隐藏被代理的 SNI
这个只能是 CDN 封什么就改什么
不过我倾向于先给 VLESS 出个加密,以对 CDN 隐藏被代理的 SNI
😁6👍1
Forwarded from GitHub
💬 New comment on Xray-core#3884 README.md: Only list secure web panels
by @RPRX
TBH, the feeling @MHSanaei brings to me is that, he will add any function to 3x-ui, but he will never touch the key problem:
How to fix "beginners are following YouTube videos to enter http://ip"?
It's just so, so strange, like he was told not to touch this topic. That's exactly why he was suspected.
Reply to this message to post a comment on GitHub.
by @RPRX
TBH, the feeling @MHSanaei brings to me is that, he will add any function to 3x-ui, but he will never touch the key problem:
How to fix "beginners are following YouTube videos to enter http://ip"?
It's just so, so strange, like he was told not to touch this topic. That's exactly why he was suspected.
Reply to this message to post a comment on GitHub.
👀5👍3😁1
你确实有选择的权利,只是公网明文 HTTP 应当在选项之外。
Indeed you have the right to choose, but plain HTTP for public network should not be in the options.
https://github.com/XTLS/Xray-core/pull/3884#issuecomment-2625487703
Indeed you have the right to choose, but plain HTTP for public network should not be in the options.
https://github.com/XTLS/Xray-core/pull/3884#issuecomment-2625487703
👍10❤1😁1
Project X Channel pinned «你确实有选择的权利,只是公网明文 HTTP 应当在选项之外。 Indeed you have the right to choose, but plain HTTP for public network should not be in the options. https://github.com/XTLS/Xray-core/pull/3884#issuecomment-2625487703»
Telegram
Amir in Project X
Alright, I agree with you on the fact that having stronger encryption (or any encryption) is a good idea but there are some points that you are missing:
1. In Iran most people are using domestic VPS's that are tunneled to a foreign server (more often than…
1. In Iran most people are using domestic VPS's that are tunneled to a foreign server (more often than…
As I said multiple times, not only Iranians are using these panels. And the REALITY private key shouldn't be stolen by the GFW, whatever the user wants to browse using the proxy. Surly the GFW wants you to use plain HTTP instead of HTTPS.
👍9👀2😁1
Telegram
Amir in Project X
Well then why are you not removing the ability to use xray-core transports without tls/reality? I guess because you are providing the users with choice, and he is doing the same
https://github.com/XTLS/Xray-core/pull/3884#issuecomment-2621464261
That's what I'm talking about, you people (one by one) are just ignorant and annoying, making me repeat the same word over and over again. Don't you have eyes to read the former discussion?
That's what I'm talking about, you people (one by one) are just ignorant and annoying, making me repeat the same word over and over again. Don't you have eyes to read the former discussion?
❤8👍2😁2
Telegram
Amir in Project X
I have read the conversation.
I can assure you that most newbies don't even know the difference between vless and vmess. You think if they took the time to read xrays documentation they would overlook something so simple as also enabling HTTPS in panels?
I can assure you that most newbies don't even know the difference between vless and vmess. You think if they took the time to read xrays documentation they would overlook something so simple as also enabling HTTPS in panels?
VLESS 要求每个客户端配置都有
"encryption": "none"👍13😁2
Telegram
Amir in Project X
You are correct, and that is a great thing. But most newbies who use panels don't even read the json config generated by those panels.
VLESS 的教程主要是教 REALITY 等,不像你们面板的都教些 http://ip
并且 VLESS 不看 json 看 GUI 也能看到
并且 VLESS 不看 json 看 GUI 也能看到
"encryption": "none"👍26😁7❤1
I just can't endure YouTubers teaching beginners to visit http://ip, which has already resulted in many supporters of http://ip, as the poll showed, and has already leaked countless passwords and private keys to the GFW, which is definitely a disaster.
Remember, we are anti-censorship projects. It just violates every value Project X holds, and the principle of protecting people's freedom of information. And at least in Xray-core, we've applied many designs to limit users' behavior for safety, and I believe it's one of the reasons why Xray-core has such an influence today, because we're always trying to do the right thing.
https://github.com/XTLS/Xray-core/pull/3884#issuecomment-2626479414
Remember, we are anti-censorship projects. It just violates every value Project X holds, and the principle of protecting people's freedom of information. And at least in Xray-core, we've applied many designs to limit users' behavior for safety, and I believe it's one of the reasons why Xray-core has such an influence today, because we're always trying to do the right thing.
https://github.com/XTLS/Xray-core/pull/3884#issuecomment-2626479414
👍42⚡6❤2🔥2😁2👀1
Project X Channel pinned «I just can't endure YouTubers teaching beginners to visit http://ip, which has already resulted in many supporters of http://ip, as the poll showed, and has already leaked countless passwords and private keys to the GFW, which is definitely a disaster. Remember…»
Forwarded from GitHub
💬 New comment on Xray-core#3884 README.md: Only list secure web panels
by @RPRX
I really don't to waste more time on this topic:
1. Since SSH port forwarding can be used easily, just set it as the default option, and delete unsafe plain HTTP.
2. Don't give user the chance to choose an unsafe option, as they don't know what they're choosing.
It's funny to hear that such a move violates their freedom to choose. It's just like you should wear seat belt in the car, even in a freedom country. Or, why would you wear space suit in the outer space? Why don't you just die?
Reply to this message to post a comment on GitHub.
by @RPRX
I really don't to waste more time on this topic:
1. Since SSH port forwarding can be used easily, just set it as the default option, and delete unsafe plain HTTP.
2. Don't give user the chance to choose an unsafe option, as they don't know what they're choosing.
It's funny to hear that such a move violates their freedom to choose. It's just like you should wear seat belt in the car, even in a freedom country. Or, why would you wear space suit in the outer space? Why don't you just die?
Reply to this message to post a comment on GitHub.
👍19😁9❤2🔥2
Project X Channel pinned «💬 New comment on Xray-core#3884 README.md: Only list secure web panels by @RPRX I really don't to waste more time on this topic: 1. Since SSH port forwarding can be used easily, just set it as the default option, and delete unsafe plain HTTP. 2. Don't…»
Project X
💬 New comment on Xray-core#3884 README.md: Only list secure web panels by @RPRX @monhacer The problem is, everyone knows that killing people is wrong, but there always are YouTubers teaching beginners to visit http://ip, no matter what I do, unless the…
And I'm willing to block more from this day on, you people made me doing this.
超越世界
超越世界
🔥20👀2