Internet privacy and security course
Aa font
AA font size
About translation
Previous Next
Internet censorship

Chapter 14

Internet censorship

When speaking about Internet censorship, I’d like to point out that censorship by itself is not a threat and does more good than harm. As a lot of people out there, I don’t want a neighbor holding a grudge against me to one day anonymously hire a killer to murder me. I also wouldn’t like the idea of another neighbor accessing some propaganda materials issued by ISIL and plotting a jihad in my city. For this purpose the government (at least some governments) resorts to blocking dangerous websites.

But censorship abuse, when the authorities use this tool to limit freedoms and rights, is the real threat this chapter dwells on in detail.

Let me give you an example of my view of what a censorship abuse is. At the end of 2017, Iran saw the largest anti-government protests that were instigated, among other reasons, by the growing prices. In an effort to curb dissent, the authorities blocked access to the Telegram messaging application for the majority of Iranians.

Telegram is the main messaging application for Iranians, with many of them using it to make a profit, while just as many use it as a corporate messaging service. Practically all the citizens of this country see it as the main tool to communicate with friends and family. The Iranians who were unable to circumvent the block could pay dearly for the authorities’ drastic move as, basically, they were cut off from the most important communication channel.

Responding to anti-regime unrest in the East with a move to block access to the Internet is a common thing. For instance, in 2011 during the protests, the Egyptians were cut off from the Internet altogether. However, these coercive measures instantly backfired against the government: the lack of Internet access provoked mass protests and tumult that brought down the then President Hosni Mubarak after nearly three decades of his rule.

Full Internet disconnection is a special case, and such censorship can’t be circumvented using common software. However, in the event of limited access to websites, there are two main ways to go around the block: through IP address and DNS.

DNS blocking

You are probably used to typing in a website’s address into your web browser like In reality, the data you enter is just a domain name. The website is located on the server and the real address of the website is an IP address. But since users would rather type in instead of a string of random numbers like, the inventors of the Internet came up with the Doman Name System, or DNS.

It works quite simply: there are root DNS servers that know what domain name corresponds to what IP address, and there are local servers that receive information from them. For instance, your ISP has a local DNS server too.

When you have typed in in your web browser, your computer asks the ISP what the IP address for the website is.

If this website is blocked, the DNS server of the ISP will respond with the IP address of the web page saying that the website has been blocked in response to the requests of the authorities.

Similar censorship tools are circumvented by a mere replacement of the DNS server for Google’s DNS server (you will learn how to do it in this course) or by using a VPN where, as a rule, you would use the DNS server specified in the VPN’s settings.

Website’s IP address blocking

When your computer receives from the DNS server the information about the IP address of the requested website’s server, it starts exchanging data with it that translates into the website you see in your browser.

All queries come from your computer through your ISP and can be blocked by it. However, a single IP address can contain several websites, and thus they will all get blocked. And that has happened a lot of times at least in Russia.

Proxying Internet traffic is the way to deal with this type of attack. It may be performed through a VPN, proxy, Tor, SSH, but the most important thing is to have the server you use to access the Internet located in a different jurisdiction.

A lot of users think that this would be a full bypassing of blocks. When in reality, whe