←back to thread

A German ISP changed their DNS to block my website

(lina.sh)
808 points shaunpud | 4 comments | 24 Aug 25 10:27 UTC | HN request time: 0s | source
Show context
zoobab ◴[24 Aug 25 11:09 UTC] No.45003254[source]
More censorship is a good inventive to build really uncensorable protocols that ISPs can't mess with.
replies(5): >>45003373 #>>45003394 #>>45003686 #>>45003737 #>>45005029 #
mzajc ◴[24 Aug 25 11:30 UTC] No.45003394[source]
These protocols or revisions already exist - DNSSEC at the site level and DoT/DoH at the user level prevent this kind of malicious tampering with responses by the ISP.

The issue is that they're not commonly used, and even if that changes, the ISPs can roll out harder-to-bypass censorship methods like SNI inspection or IP blocks.

replies(3): >>45003671 #>>45003954 #>>45005347 #
ACCount37 ◴[24 Aug 25 12:16 UTC] No.45003671[source]
And webmasters can, in turn, ramp up the adoption of QUIC, ECH, IPv6, or bury their frontend in some CDN that you can't feasibly "IP ban" without massive collateral damage.

You can't win the war against corporate censorship and malicious anti-freedom politicians through purely technical means. But you can sure make it much harder for them.

replies(2): >>45003803 #>>45004898 #
1. eskuero ◴[24 Aug 25 15:20 UTC] No.45004898[source]
> you can't feasibly "IP ban" without massive collateral damage.

Oh but they can, we are suffering this in Spain every weekend the football league plays.

Tons of Cloudflare IPs sent to a blackhole regardless of how many other non relevant websites are behind.

replies(1): >>45007104 #
2. iknowstuff ◴[24 Aug 25 19:44 UTC] No.45007104[source]
They block them during games only? Lmao thats some insane lobbying
replies(1): >>45007988 #
3. otherme123 ◴[24 Aug 25 21:30 UTC] No.45007988[source]
They do, and they deny they are doing it. The thing works like this: Telefonica owns Movistar, who has the rights to soccer matches. A few webpages offer pirated streams to those matches, behind Cloudflare. Telefonica call the judges and hand them the Cloudflare IP (shared by thousands of sites), who are obviously ignorant about how internet works, through a special "urgent" protocol. As soon as Telefonica has the judge OK, they stop serving Cloudflare, affecting thousands. Their support forums start to boil, but they deny any issue. As soon as the match ends, Cloudflare is back again. This only affects Telefonica and O2 clients.

Some business are really angry because they claim their peak hour of the week is during the matches (e.g. wife buying online while husband watch the match)

replies(1): >>45012598 #
4. arielcostas ◴[25 Aug 25 11:17 UTC] No.45012598{3}[source]
Wait, does the judge accept each request? I thought at this point LaLiga was giving the ISPs the ranges directly. Plus it's not only Telefonica/O2, this season (started 2 weeks ago) it's also Vodafone, Digi and MasOrange.

And they don't deny doing it, they claim they block Cloudflare because they host piracy, child pornography (how would they know, did they search for it specifically?) and other illegal stuff and their response is basically "complain to Cloudflare" or "those blocks affect only 4 nerds [using Github, Cloudflare tunnels, Docker Hub...] so we aren't going to change anything".