Default Telegram Desktop uses a static ClientHello with a fixed fingerprint, making it easy for DPI systems to detect and block MTProto traffic.
Changes:
- Random selection between Chrome-like and Firefox-like fingerprint on each connection instead of a single static rule set
- Dynamic cipher suites: a small set of essential suites are always present, a random subset is picked from the remaining ones, then everything is shuffled
- Randomized TLS extensions: besides mandatory SNI, randomly add a few valid extensions from a predefined list, also shuffled
- Chunked ClientHello sending with random delays between chunks and random initial delay, forced flush after each chunk
- Disabled Nagle's algorithm via LowDelayOption for immediate packet sending
- Added random jitter to timestamp to avoid perfect precision
Each new connection generates a unique ClientHello with different fingerprint, different cipher suites, different extensions and different sending pattern, making MTProto traffic detection by signature impossible.
- Increase ClientHello size via padding
- Fragment outgoing packets with randomized chunk sizes
- Remove extension shuffling for stable fingerprint
- Add support for new TLS block schema types
- Add random jitter to timestamp generation
* Hacky implementation, needs review.
- Drag-and-drop of photos into chats.
- Testing Qt RHI renderer on macOS and Windows on ARM.
- Native external webapp viewer on Linux by default.
- Frequent contacts and search in gift recipient picker.
- Fix passcode bypass via separate windows opened while locked.
- Fix clickable timestamps in blockquote.
- Fix never ending download progress in web apps.
- Fix borders in Instant View tables.
- Fix several possible crashes.
Qz3rK