[chatmasta]

Vodafone is the worst. Although it's really the U.K. surveillance state that is the problem.

When I popped my SIM into my iPhone it forced me to download a configuration profile with a self-signed Vodafone cert, which means they can mitm any connection. I think this is required by the government so they can block adult websites by default? (I've also seen torrent websites also fail silently with misleading "server not found" errors)

I haven't looked into if they're doing the filtering via DNS or mitm, but I avoid the censorship by connecting to a vpn.

[Symbiote]

I have never heard of the self-signed certificate, that would be interesting to report to the Open Rights Group [1]

The filtering in the UK is by inspecting HTTP requests, so when a single image on wikipedia.org was blocked, every request to Wikipedia ended up going through each ISPs hidden proxy. [3]

According to [2], HTTPS sites aren't filtered -- but it references a page from 2004. I suspect HTTPS sites are now simply blocked outright at either DNS or IP level, but I don't have a way to verify this, and can't find any details.

[1] https://wiki.openrightsgroup.org/wiki/Internet_censorship

[3] https://en.wikipedia.org/wiki/Child_abuse_image_content_list...

[2] https://wiki.openrightsgroup.org/wiki/Cleanfeed#cite_note-LI...

[chatmasta]

Here are some screenshots of the text I got and the profile I had to install.

Correct me if I'm wrong but I'm pretty sure this enables complete MITM by Vodafone when using cellular network.

http://imgur.com/b0il5xb http://imgur.com/3mw5ZGZ http://imgur.com/6ehhfuZ

[JimDabell]

I don't know why Vodaphone are doing that, but you shouldn't go around telling people that it's because of "the U.K. surveillance state" because other UK ISPs don't do that.

The "server not found" errors sound like DNS blocking, which they can do without MITM.