VLESS vs Shadowsocks

3 min readAug 12, 2024

If you’ve ever been looking for free outline keys, it will be useful to learn about VLESS — a new protocol that is gradually replacing Shadowsocks. Let’s talk about how they differ and what advantages they have.

Disclamer: the article is written from Russia, we have a bit tougher situation with blocking here than in the rest of the world, so not everything said here may be relevant for your country :)

What are the differences between the protocols?

Shadowsocks is a philosophy of “encrypt everything to be unlike anything else”. SS is extremely easy to set up, especially when using the most popular client “Outline”.

VLESS is masquerading as HTTPS traffic, which is the most common traffic on the Internet. For an ISP it looks like an ordinary request, for example, to Google. Configuring VLESS is much more complicated.

What are the problems with Shadowsocks?

The version of Shadowsocks (AEAD) that Outline uses has known vulnerabilities, such as:

The ratio of ones to zeros in bits is about 1:1 (Github Issue), which leads to traffic identification. China has been blocking SS-AEAD in this way for a long time. Outline is in no hurry to switch to the latest version of Shadowsocks-2022, where many flaws have been fixed (Github Issue).
Shadowsocks speed is sometimes cut by operators on the basis of “no traffic — stop”. Already in practice, Shadowsocks stops working in Russia. For example, during blocking in Dagestan, when all unknown protocols were banned on TSPU (Technical Means of Countering Threats). VLESS, because it masqueraded as HTTPS, continued to work. And since April 2024, RKN is testing a new (for Russia) type of SS blocking on some operators.

What is VLESS?

VLESS has much broader capabilities:

For example, it can work via CDN (Content Delivery Networks) thanks to WS transport, gRPC and HTTPUpgrade. This allows you to bypass even IP blocking of servers and entire hosts (especially in Turkmenistan and Iran), CDN is a workaround. Shadowsocks “can’t do that”.
VLESS is currently being actively developed by the Xray core developers. In the spring of 2023, “Reality” (very roughly speaking, an extension for VLESS) was released, which allows you to very reliably disguise your server (and traffic) as another site.
As a rule, clients that support VLESS, also have support for routing — it allows you to use domestic sites (including government and banks) even with VPN enabled.
Paradoxically, VLESS is sometimes better than SS in terms of energy efficiency. Outline server literally keeps your smartphone awake (Github Issue).
When properly configured, VLESS can penetrate even the most sophisticated corporate firewalls.

The main disadvantages of VLESS:

Difficulty in customization. Incorrect configuration does not give the desired level of masking and increases the probability of blocking. Documentation is available only in Chinese and English, and even then not completely. Misconfiguration can increase latency compared to SS.
If set up incorrectly, the latency may increase compared to SS.
Clients. Outline with its one big button is of course much nicer than all v2ray-clients.

Conclusion

Try the VLESS protocol in our telegram bot: @LagomVPN_bot. If you want to discuss more about how to bypass blocking in your country, write to us here: @LagomSupport_bot — we’ll be glad to exchange experience :)