On the topic of Internet Censorship
Internet censorship circumvention is becoming more common as the years go by. After reading a recent post on a browser blocking a censorship check add-on, I want to clear up some misconceptions about it.
- Published on .
- Last updated on .
- Tagged under
After reading a recent post in Mastodon (not linking the post here) about Mozilla silently removing a helpful add-on named censor-checker in Russia (citation needed, I never used it, so can't vouch for the helpfulness), I understood that many do not understand how a government authored censorship works, so I wanted to blog rant about it.
Everything I am telling here is considered obvious by people who have used internet for long time, but it may not be so for the younger generations, so keep that in mind when reading this.
Examples of Internet censorship
Even if you are in one of those countries that are affected by censorship, you will most probably be able to read my blog. This is because, though I am having more visitors these days, this is still a small website that not many know about. Another reason is that, I haven't shared anything here that is censorship worthy.
But, there are places where some will not be able to access my website, they operate with an allowlist/whitelist method. These places could have a massive private internet (or Intranet to be precise) and a selected few officials can access the outside world. An example of such a place is the North Korea.
Types of Internet censorship
There are two common types of Internet censorship.
The first type of censorship you face is when the websites are banned based on their domain name or the IP addresses through the local Internet Service Provider (ISP). This is done when a government (or sometimes just an ISP) decides that a whole domain is considered harmful for them or their beliefs. (You might be interested in reading my blog on the Chinese app ban done in India)
The second type of censorship is similar to what we saw with Mozilla, where a specific page or a list of pages is hidden from a region. It can only be enforced by the government by sending a legal letter, and this is very efficient.
A government entity or a large organization could also do a [distributed]-denial-of-service attack to prevent others from accessing a service.
No matter which jurisdiction the organization operates in, they will need to comply with the local government to operate in that region. So the bigger the organization, the higher the chance that they are forced to comply with the censorship. There is no point in blaming their current leadership or the product, the blame should always be on the government restricting the freedom of their citizens.
The common method of circumvention
The main reason for a government to censor a page or a domain is to prevent their citizen from gaining knowledge about some specific things, and this obviously includes the knowledge of censorship circumvention.
You will know more about this if you have used a Virtual Private Network (VPN) to access the internet before. In a nutshell, a VPN is a glorified proxy, your requests are sent through someone else's server and thus preventing the ISP from figuring out which website you are visiting.
In theory, this could also help you avoid the second type of censorship by telling the website that you are visiting from a place without censorship
Most websites will stay behind a firewall to block malicious requests and bad actors from exploiting the website, these firewalls usually block the VPNs. You will be surprised by the trivial websites behind such firewalls, often, the wall is Cloudflare, which kicks you out when your request is made through a proxy.
Note, there are two things that you need to know when using such proxies:
- Depending on where you are, using a VPN or other proxies could potentially block your access to the internet as a whole.
- Any attempt to bypass censorship could put you in a watch list, as not many uses such methods, it is easy for an ISP to find you are doing something suspicious, though they cannot know what you are doing.
By now, you might have noticed a pattern, and figured out that the way to avoid censorship is to not get detected that you are circumventing it. But this is a bit paradoxical, do you know why?
The paradox
To not get detected, you will need to use a good tool that hides you, but how will you know what a good tool is?
A technically apt person could read the source code of the software or understand, implement a protocol and use it. But what about the non-tech people?
The majority who are affected by censorship either do not have a way to circumvent it, or do not even know that they receive censored information.
This means that, for an average person to circumvent the censorship, they need to know that they are prevented from accessing certain types of knowledge, and must find a way to access it without getting caught.
It is impossible to let the common non-tech people know about the censorship without going through a publicly accessible and trusted medium, and that medium is usually censored to prevent such knowledge from being revealed. See the paradox now?
The right way to circumvent it
The right way to circumvent censorship is to do it physically and through the word of mouth.
- Someone who knows about the Internet censorship discloses it to a trusted group.
- A tech-savvy individual informs the non-tech person about the censorship.
- Educate them on how serious the matter is and to keep the secrecy.
- Setting up the tools to circumvent the censorship
- Educating them on the dos and don'ts of the tool.
Is this fool-proof? No, it never is, censorship and circumvention is a cat-and-mouse game, it will never end.
A distributed communication system is often resilient to censorship, as the information is duplicated, it is possible for one to find the censored information elsewhere. But the problem with such a system is that the data might be outdated, or sometimes even partially available.
For websites, both outdated and up-to-date information needs to be accessible for a successful censorship circumvention. This can be achieved by archiving the website periodically, one such place where you can archive a website is the archive.org.
The reason for needing outdated information is that, the website admin can change the information to comply with the censorship laws and regulations, so it is a must to have a way of going back in time and reading it.
Anonymizing routers like tor helps to avoid detection to a certain level, as long as you stay within the tor network and do not identify yourself, you should be able to access the information.
There are many other ways of accessing decentralized and distributed content, checkout the letsdecentralize.org (onion link).
When common circumvention is disallowed
When the common methods are no longer viable, like what happened with the add-on bocked by Mozilla, it is important to know and understand that there are workarounds for them. For example, the said add-on can be installed manually by obtaining it from the developer instead of downloading from the Mozilla.
For anonymizing networks, the blocking is against a known node/IP, so you might be able to request for an alternative route (the tor browser has ways to do this, for example).
When a decentralized platform is blocked, you should be able to find an alternative node, a route, or a proxy to obtain the information, you will need to keep looking or ask for help from a trusted community/individual.
If none of this is a possible for you, the last option would be a peer-to-peer decentralized network, but it should also be routed through a proxy if you want to stay safe and anonymous.
The bottom line is, you cannot rely on an organization, no matter how good they are to circumvent censorship, what you need is a community of volunteers doing what they can to help others.
The problem with trust
The internet is filled with misinformation, because of this, it is near-impossible to know what you read is factual or not. It is up to the reader to be sceptical of everything and read things with a grain of salt.
Just like information being censored, it can also be altered by the people with power and audience, which is the root cause of some falsely believing that the mRNA Vaccine is bad or that coronavirus is made up.
When you get around the censorship, you will also find a lot of misinformation like this. So here is the next problem, if both censored and uncensored information can be fake, how will you know what to trust?
The simple answer is, you can't! You will need to judge it by yourself, by finding facts rather than trusting people you know or read. The easiest ones to filter out are the statements made without linking to sources, or linking to debunked sources. But it is still up to you to find and filter them.
Updates
: Jeffery Breed from onlinesafetymasters.com brought to my attention to an article at vpnmentor.com about the reality of living behind a Digital Iron Curtain
. Please use uBlock Origin and a good hardened web browser like Librewolf if you want to visit that link.
Note that, while I agree with their statement on being wary of free VPNs, and encourage you to read through the timeline of digital restrictions in Russia, I do not recommend the use of their promoted VPNs.
Any proprietary implementation of VPNs is also dangerous to use as you will never know the weakness it has. If you really want to use a VPN, try Mullvad VPN with the multihop feature.
If you live in a restricted location, Mullvad has a guide on other methods to use their VPN (archived)
I suggest Mullvad VPN for three reasons:
- They have a track record of handling zero logs to authorities because they never had any.
- MullvadVPN uses WireGuard protocol internally, it is fast, secure and FOSS. You can read about its internal workings on their website.
- Multihop through WireGuard helps you avoid detections if one or more servers are compromised.
The no-log policies can never be trusted, the same goes for the privacy policy of any website, as the webmaster/ service administrator has a lot of control over things running on their own server than you think.
Closing notes
Regardless of whether you are a tech-savvy or non-tech-savvy user, there are things you can do to prevent a dystopian future.
Notes for the tech people
- If you can, please share everything you do on one or more alternative platforms.
- Self-host things if you can, or use a VPS from another country to do it.
- Find a way to normalize the usage of anonymizing networks so that everyone can easily access it.
- Stop promoting things that spy on the users.
- If you are apt, learn reverse engineering and write Linux or Hurd drivers for non-free hardware you use without adding binary blobs in them.
- Backup/archive everything.
- Do everthing I noted for the non-tech people.
Notes for the non-tech people
- Get away from proprietary operating systems like Windows and macOS, GNU/Linux is now much easier to use, and is less intrusive.
- If you can, use the other small platforms and decentralizing networks, to help them grow.
- If you have money, support causes like EFF, FSF and others like them.
- When you use a software or a service, go through its settings, understand what they do, and disable things you do not need.
— Stay safe.