MCH2022 Curated content

Censoring the internet & how to bypass it

Battery 🔋
Aseem Shrey
In recent times, internet censorship has increased throughout the world. With governments realising the potential of the internet in spreading information as well as misinformation. To curb or rather control this, governments around the globe have taken to censoring parts of the internet by directing major ISPs to block access to those websites. The ISPs around the globe have used different methods to block the access. Some resulting in DNS filtering to others doing SNI ( Server Name Information ) inspection. There have been ways to bypass these restrictions, like DoH ( DNS over HTTPS ) and eSNI ( encrypted SNI ), now ECH ( Encrypted Client Hello ), supported by TLS 1.3. To counter these, some authoritarian regimes ( like China ) have blocked eSNI traffic altogether, to be able to sniff the traffic and block the websites accordingly on their ‘Great Firewall’. I will be talking about how these different mechanisms of blocking user traffic works, by doing a live demo of packet analysis using wireshark. Later on in the talk, I will show a comparative study of the different ISPs around the globe and what their approaches are at blocking the internet ( if any ). After understanding how the technologies work, I will show ways to bypass the censorship by some open source tools, DIY solutions and finally some paid/managed alternatives. What are the things that one should look for when choosing one such paid solution. Towards the end, I will announce the open source repo for the tool used to conduct this project, where people can contribute and use it for their own research purposes.
I am analysing some of the major ISPs 'around the globe' and how they’re blocking websites and easy + cost-effective ways to bypass them. There has been some previous research into this, but that has included some limited dataset, back in 2020. From then to now a few things have changed including the way ISPs are blocking websites. With this project I am trying to : 1. Analyse the global censorship of internet 1. Globally how different ISPs block the network traffic 2. Distribute the client globally and ask volunteers to run this atleast once 2. Release the client and server code as open source 3. Publish all the data, country wise on a github repo for everyone to consume The talk would be in two parts : - First : Where I talk about the technical nitty-gritties as to how censoring in modern times work. - Second : After understanding how the technologies work, we will try to bypass those by some open source tools, some DIY solutions and finally some paid/managed alternatives, what are the things to look for when choosing one such provider. Hence, even for folks who aren't much into the technical details of censorship, would have some arsenal of tools to bypass it, by the end of the talk. Starting with the famous question : \ “What happens when you type a (https) URL in your browser and press enter ?” \ \ I will cover all the aspects starting with : 1. DNS lookup 2. TLS Handshake - ClientHello,TLS negotiation, ServerHello etc 3. Encrypted Data Transfer All of these would be shown a live demo of in wireshark, alongwith decrypting the traffic using certificates. Explaining these stages are important because each of these involve ISPs tampering with to censor the internet. Once we know how it’s done, we will figure out how to resolve this privacy issue. Like : Stage How ISPs censor Confirmation Test Bypass DNS Lookup Their own DNS as default DNS filtering Check on dnsleaktest.com Use DoH ( DNS over HTTPS ) dnscrypt TLS Handshake SNI Inspection Use the tool Check on wireshark Use VPN eCH Further move on to ECH ( Encrypted Client Hello ) and why China hates it . Show a comparative analysis of the different ISPs I’ve tested using the tool. Towards the end talk about the open source tool, the client and server code themselves. The tool, client app : 1. Sends request to alexa top 1M domains 2. Records packet response and to find what kind of filtering is in place ( if any ) 3. Sends data to central dashboard server for generating heatmaps and graphs The tool, server app : 1. Will consume all the JSON data and validate its findings. 2. Generate heat maps for all the ISPs and different websites that are blocked. Talk about solutions to bypassing the censorship : 1. Open source tools & solutions - DoH, changing default DNS etc 2. DIY things - self hosted 1-click VPN, ephemeral on-demand sshtunnel etc 3. Paid solutions - Things to look for when choosing one such paid solution

Additional information

Type Talk
Language English

More sessions

7/22/22
MCH2022 Curated content
Elger "Stitch" Jonker
Abacus 🧮
⚠️ Warning! This talk may contain hackers. There may be hackers in the room. There may be hackers surrounding the room. There may be hackers recording this. There may be hackers listening in. There may be hackers that exfiltrate data. There may be hackers wearing shirts. There may be hackers carrying spying devices. OH NO! There are hackers EVERYWHERE! What can we do now, except having a party?
7/22/22
MCH2022 Curated content
Jelle vd ster
Abacus 🧮
What do big tech, synthesizers, the crucifixion and Matthäus Passion have in common? Find the answer in the tech performance The Silicon Passion. We’ve all embraced big tech —but is it a warm hug or a strangulation? Bear witness to a debate of biblical proportions between tech nerds, technology and its users. In The Silicon Passion SETUP, in collaboration with de Transmissie (David Schwarz en Derk Stenvers) and Rodrigo Ferreira, is looking for a way out of the pit that technology has ...
7/22/22
MCH2022 Curated content
Clairvoyance 🔮
Lightning talks are a 5 to 10 minute quick talk on an interesting subject. They can be with or without slides, and with or without proper preparation. if you weren't accepted in the main CfP, this is also a great opportunity to give an abridged version of your talk. These sessions will be available to sign up to later on, with details on the wiki.
7/22/22
MCH2022 Curated content
Mikko Hypponen
Abacus 🧮
This is a submission for a keynote talk at MCH2022. The Internet is both a familiar, comfortable place as well as a bottomless rabbit hole you can lose yourself in. The Internet has always been like this from its inception, the difference now is the scale and consequences are almost immeasurable - and it tests the limits of human imagination. When you look into the mirror of the Internet what you see reflected back depends on what you are looking for. It has become largely a reflection of ...
7/22/22
MCH2022 Curated content
Battery 🔋
Thanks to DNSSEC and DANE, it is possible to automatically verify user@domain.name identities by checking with domain.name servers. The real problem however, is integration with existing protocols, instead of inventing something completely new and perhaps web-only. The purpose of our work on Realm Crossover mechanisms has been to design generic solutions that extend many different application protocols, without changing their protocol specs.
7/22/22
MCH2022 Curated content
Klaus Agnoletti
Clairvoyance 🔮
Utilizing collaborative security to collect data on attacks we were able to detect Log4J in a quite unusual but effective manner. We'll show you how CrowdSec enables the entire infosec community to stand together by detecting attempts to exploit a critical 0day, reporting them centrally thereby enabling anyone to protect themselves shortly after the vulnerability was made public. The unusual part is that this is done using FOSS software and by analyzing logs of real production systems but in a ...
7/22/22
MCH2022 Curated content
bert hubert
Abacus 🧮
Building on the very well attended DNA presentations ("DNA: The Code Of Life") at SHA2017, this talk will cover: * A brief recap what DNA is and how it works * It is surprisingly digital! * How reading DNA is within 'pro-sumer' reach now * (I might bring a live demo for after the talk) * An overview of DNA editing technologies (offline, and online: on living organisms) * Including the famous CRISPR-CAS, but also newer variants * How does such editing actually work in a lab? * The surprising lack ...