When speaking about Internet censorship, I’d like to point out that censorship by itself is not a threat and does more good than harm. As a lot of people out there, I don’t want a neighbor holding a grudge against me to one day anonymously hire a killer to murder me. I also wouldn’t like the idea of another neighbor accessing some propaganda materials issued by ISIL and plotting a jihad in my city. For this purpose the government (at least some governments) resorts to blocking dangerous websites.
But censorship abuse, when the authorities use this tool to limit freedoms and rights, is the real threat this chapter dwells on in detail.
Let me give you an example of my view of what a censorship abuse is. At the end of 2017, Iran saw the largest anti-government protests that were instigated, among other reasons, by the growing prices. In an effort to curb dissent, the authorities blocked access to the Telegram messaging application for the majority of Iranians.
Telegram is the main messaging application for Iranians, with many of them using it to make a profit, while just as many use it as a corporate messaging service. Practically all the citizens of this country see it as the main tool to communicate with friends and family. The Iranians who were unable to circumvent the block could pay dearly for the authorities’ drastic move as, basically, they were cut off from the most important communication channel.
Responding to anti-regime unrest in the East with a move to block access to the Internet is a common thing. For instance, in 2011 during the protests, the Egyptians were cut off from the Internet altogether. However, these coercive measures instantly backfired against the government: the lack of Internet access provoked mass protests and tumult that brought down the then President Hosni Mubarak after nearly three decades of his rule.
Full Internet disconnection is a special case, and such censorship can’t be circumvented using common software. However, in the event of limited access to websites, there are two main ways to go around the block: through IP address and DNS.
You are probably used to typing in a website’s address into your web browser like www.google.com. In reality, the data you enter is just a domain name. The website is located on the server and the real address of the website is an IP address. But since users would rather type in google.com instead of a string of random numbers like 188.8.131.52, the inventors of the Internet came up with the Doman Name System, or DNS.
It works quite simply: there are root DNS servers that know what domain name corresponds to what IP address, and there are local servers that receive information from them. For instance, your ISP has a local DNS server too.
When you have typed in www.google.com in your web browser, your computer asks the ISP what the IP address for the website www.google.com is.
If this website is blocked, the DNS server of the ISP will respond with the IP address of the web page saying that the website has been blocked in response to the requests of the authorities.
Similar censorship tools are circumvented by a mere replacement of the DNS server for Google’s DNS server (you will learn how to do it in this course) or by using a VPN where, as a rule, you would use the DNS server specified in the VPN’s settings.
Website’s IP address blocking
When your computer receives from the DNS server the information about the IP address of the requested website’s server, it starts exchanging data with it that translates into the website you see in your browser.
All queries come from your computer through your ISP and can be blocked by it. However, a single IP address can contain several websites, and thus they will all get blocked. And that has happened a lot of times at least in Russia.
Proxying Internet traffic is the way to deal with this type of attack. It may be performed through a VPN, proxy, Tor, SSH, but the most important thing is to have the server you use to access the Internet located in a different jurisdiction.
A lot of users think that this would be a full bypassing of blocks. When in reality, when accessing the Internet using a remote server, for instance, a VPN, you can find yourself facing restrictions of local ISPs, for instance, Swedish, if your exit server is located in Sweden.
In the event of using a tunnel, your ISP sees the connection to a VPN or proxy server but doesn’t block the data exchange since this is not forbidden.
Application blocking methods
We have so far dealt with website blocks. When it comes to applications, for instance, messaging apps, everything happens in a similar manner. A messaging application connects to the controlling servers, and during the connection it gets blocked.
In Russia, Roskomnadzor’s ordered ISPs to cut service to instant messaging app Telegram’s own IP addresses blocking over 18 million IP addresses belonging to Amazon, Google, Hetzner, Microsoft, Digital Ocean. The move also inadvertently affected a number of other businesses disrupting the services of such companies as Battle.net, EA Games, Steam, Skyeng, anti-DDoS service Google Shield, Evernote, Spotify, Gett, Volvo. Telegram’s legitimate competitor Viber also suffered collateral damage from Roskomnadzor’s outage repercussions while Telegram continued running.
Sometimes you would come across port blocking. Every application that needs to access the Internet uses a port to connect to the network. For instance, TeamViewer uses port 5938, Steam - from 27015 to 27030. If your Internet traffic gets blocked through these ports, the application will be unable to connect to the server.
As a rule, this is practiced at companies. For instance, at the company my girlfriend used to work for, the system administrator blocked port 5190 that was used by then hugely popular ICQ messaging app. The port blocking prevented the employees from using ICQ at work.
Many modern applications protect themselves from port blocking. For instance, TeamViewer will try to connect over ports 44