←back to thread

Cloudflare starts blocking pirate sites for UK users

(torrentfreak.com)
234 points gloxkiqcza | 2 comments | 15 Jul 25 14:33 UTC | HN request time: 0.001s | source
Show context
Retr0id ◴[15 Jul 25 15:30 UTC] No.44572211[source]
Previously, a convenient and low-latency way to bypass UK internet censorship was to proxy via a local datacentre - it's only the residential ISPs that are under pressure to censor traffic, commercial ones less so.

But if the blocking is happening somewhere other than the ISP, this is less effective. A hypothetical TPB user might want to proxy via Luxembourg now (seems like the shortest hop to somewhere with sane legislation)

replies(1): >>44572305 #
trollied ◴[15 Jul 25 15:40 UTC] No.44572305[source]
You didn’t even need to do that. Just needed an /etc/hosts entry for the domain.
replies(1): >>44572381 #
Retr0id ◴[15 Jul 25 15:47 UTC] No.44572381[source]
My ISP (Virgin Media) does DNS filtering and IP-based blocking and TLS SNI inspection. So you have to use ESNI or domain fronting, which last time I checked my browser could not be easily configured to do.
replies(3): >>44572588 #>>44572615 #>>44574295 #
arp242 ◴[15 Jul 25 16:07 UTC] No.44572615[source]
Is that common for all ISPs or just Virgin? When I lived in the UK (already a number of years ago) it was all just DNS-based. Running my own DNS resolver unblocked everything. I don't recall which ISP.
replies(1): >>44572708 #
1. Retr0id ◴[15 Jul 25 16:14 UTC] No.44572708{3}[source]
I think it's just Virgin doing the SNI stuff, but I wouldn't be surprised if others are doing IP filtering. I'm not sure if anyone's done a good survey of what the different ISPs are doing (it'd be an interesting project).
replies(1): >>44573618 #
2. doublerabbit ◴[15 Jul 25 17:23 UTC] No.44573618[source]
TalkTalk, Sky, BT & pretty much all domestic mainstream ISPs do DPI down to SNI.

They also exercise an IWF proxy so your already MiTM'd.

https://www.iwf.org.uk/