Russia's Digital Iron Curtain: How the 16KB Technique Is Quietly Strangling the Open Web

In the early hours of Tuesday morning, thousands of Russians attempting to access international news sites, cloud services, and social platforms encountered a peculiar phenomenon: pages that appeared to begin loading — headers flickering in, navigation bars rendering — only to freeze, corrupted, mid-render.

This is not a bug. It is, according to security researchers at Censored Planet and OONI, the signature of what they have termed the "16KB Curtain" — a technique in which deep packet inspection infrastructure operated by Roskomnadzor throttles HTTP response bodies to approximately 16 kilobytes before silently stalling the connection.

Unlike a traditional firewall block, the 16KB technique is insidious precisely because it does not look like censorship. The TCP handshake completes. DNS resolves normally. Even Cloudflare's edge servers receive the initial request. But somewhere in the transit path — at a backbone choke point operated by one of Russia's mandated SORM-3 filtering nodes — the packet flow is throttled to just enough data to render a broken page.

"It's a masterpiece of plausible deniability," said Dr. Irina Volkova, a network researcher at the Electronic Frontier Foundation. "When a user complains, the ISP can say: 'We see a valid connection. The problem must be on the foreign server's end.' No block list. No error page. Just silence."

The technique has been documented across Cloudflare, Fastly, and Akamai CDN nodes. Sites hosted behind these services — including major Western newspapers, Wikipedia, and several GitHub repositories — show markedly degraded load completion rates from Russian IP ranges since mid-2023.