22
The 16‑kilobyte curtain. How Russia’s new data‑capping censorship is throttling Cloudflare (zona.media)
submitted 3 weeks ago by Pro@programming.dev to c/technology@lemmy.world
22 comments fedilink hide all child comments

A new form of state-level internet filtering that restricts data flow is disrupting access to large portions of the global web for Russian citizens. Cloudflare, the world leader in DDoS protection and high-traffic load management, is being targeted by these new data caps, which appear designed to push users toward Russian-controlled services. Meanwhile, the move leaves Russian businesses dangerously exposed.

top 22 comments
sorted by: hot top controversial new old
[-] LWD@lemm.ee 4 points 3 weeks ago* (last edited 3 weeks ago)

According to technical experts, internet service providers across the country have begun implementing a rule that limits data transfers from sites using Cloudflare to just the first 16 kilobytes. This technique is relatively subtle but effective: very lightweight, basic websites can still load, creating a façade of normal internet function, while modern, media-rich sites are effectively broken.

16 KB per website? What part of the normal internet is that small? What part of the indie web is that small?

e.g. look at the smallest sites on https://512kb.club/

Or is this just 16kb per request, which would make more sense with the following explanation:

Analysts report that similar throttling is also being applied to other major western hosting providers popular with Russian users, including Germany’s Hetzner and the US-headquartered DigitalOcean... [they] are widely used by Russians to host private VPN servers, which allow them to bypass the Kremlin’s ever-widening blocklists.

AFAIK, VPNs maintain a long-standing connection that would definitely use more than 16kb at a time.

[-] CEbbinghaus@lemmy.world 4 points 3 weeks ago

Its an endless arms race. Next will be chunking vpns that chunk requests down to 16kb packets and reassemble on the other end. There is nothing stopping a custom protocol from working around this limitation, in a safe secure manner.

Just a matter of time.

[-] Ghoelian@lemmy.dbzer0.com 1 points 3 weeks ago

You could probably do it with http if the server properly supports the content range headers.

[-] GreenKnight23@lemmy.world 0 points 2 weeks ago

it's about time someone fuckin did it.

it's a shame it's Russia though.

[-] phoenixz@lemmy.ca 0 points 2 weeks ago

What are you even talking about?

[-] GreenKnight23@lemmy.world 1 points 2 weeks ago

cloudflare is a symptom of the corporatization of the internet.

they goals are counter to the goals of the internet to be a distributed repository of communities and information.

CF not only unifies all the communications through their services, which can cause worldwide outages (happens literally every year), but collects and tracks users across all other network requests.

CF is anti-privacy and pro-corporate interests.

[-] greenbit@lemmy.zip 0 points 3 weeks ago

Cloudflare and Russia are both bad, take each other down pls

[-] NotProLemmy@lemmy.ml 0 points 3 weeks ago

Why is cloudflare bad?

[-] greenbit@lemmy.zip -2 points 3 weeks ago

[-] anachrohack@lemmy.world 0 points 3 weeks ago

Why is this bad

[-] greenbit@lemmy.zip 0 points 3 weeks ago

Wasting time on useless obstacles is bad

[-] underwire212@lemm.ee 1 points 3 weeks ago

The obstacles serve a specific purpose though. Do you believe this purpose is unimportant?

[-] greenbit@lemmy.zip 1 points 3 weeks ago

As usual, the purpose doesn't justify the means. The goal could and should be achieved without this nonsense

[-] underwire212@lemm.ee 1 points 3 weeks ago

How so?

[-] greenbit@lemmy.zip 1 points 3 weeks ago* (last edited 2 weeks ago)

These active captchas instead of methods not visible to the user are worse at hindering nefarious use than regular human use

[-] anachrohack@lemmy.world -1 points 3 weeks ago* (last edited 3 weeks ago)

They're meant to prevent bot traffic to sites and protect from DDOS attacks

[-] mic_check_one_two@lemmy.dbzer0.com 1 points 3 weeks ago

Except that bots already have a higher pass rate than humans, so the captcha isn’t even good at preventing bots.

[-] CybranM@feddit.nu -1 points 3 weeks ago

Care to expand on that? Why are captchas bad?

[-] greenbit@lemmy.zip -1 points 3 weeks ago

Sorry, I assumed this was already common knowledge. There's another thread fork from a comment.

Tl;dr they're not good at their purpose and cause unneeded annoyance to users.

[-] cevn@lemmy.world 1 points 3 weeks ago

Agree

[-] Korhaka@sopuli.xyz 1 points 3 weeks ago* (last edited 3 weeks ago)

And the cloudflare ones are broken as fuck. It varies but I often just can't pass them. Answer it, wheel goes round and then back to having to tick it and start again. Beep boop.

If I see a cloudflare check I often just don't bother loading the site at all.

[-] greenbit@lemmy.zip 2 points 3 weeks ago

Yeah cloudflare gets a similar reaction as a paywall. Fuck this site, I'll go somewhere else

this post was submitted on 19 Jun 2025
22 points (95.8% liked)

Technology

72688 readers
1165 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws