(lina.sh)

808 points shaunpud | 1 comments | 24 Aug 25 10:27 UTC | HN request time: 0.214s | source

Show context

zoobab ◴[24 Aug 25 11:09 UTC] No.45003254[source]▶

More censorship is a good inventive to build really uncensorable protocols that ISPs can't mess with.

replies(5): >>45003373 #>>45003394 #>>45003686 #>>45003737 #>>45005029 #

mzajc ◴[24 Aug 25 11:30 UTC] No.45003394[source]▶

These protocols or revisions already exist - DNSSEC at the site level and DoT/DoH at the user level prevent this kind of malicious tampering with responses by the ISP.

The issue is that they're not commonly used, and even if that changes, the ISPs can roll out harder-to-bypass censorship methods like SNI inspection or IP blocks.

replies(3): >>45003671 #>>45003954 #>>45005347 #

1. jeroenhd ◴[24 Aug 25 16:09 UTC] No.45005347[source]▶

>>45003394 #

SNI blocking will hopefully be harder now that Let's Encrypt is rolling out IP certificates, so ECH becomes viable for websites that don't share an IP address with known-good websites (like Cloudflare tunnels). IP blocks will be the only solution on the normal web.

For everything else, there's I2P and Tor.

↑

A German ISP changed their DNS to block my website