[bush-bby]

I mean it’s obviously fucked and I’d never be the engineer to do it…but whenever I see these massive undertakings of technological censorship, I must admit my first thought is always “damn, imagine the massive logistical challenge that would be”. I mean censoring an entire people, and dealing with all the ways people are getting around your solution, its messed up but I mean holy blue team/devops/netdev/infra challenge Batman.

[tryauuum]

In this case, it's not really challenging. If I understood the post correctly, they simply map domains to the google-provided IP that forces safe search. That's like several lines of DNS-server config, though you need to do it in each internet service provider.

[b0afc375b5]

Apologies if I misunderstood, but in this case wouldn't the workaround be equally as simple? For example one could manually set the dns resolvers of one's own device to 8.8.8.8 and/or 8.8.4.4

[tryauuum]

yeah, they probably capture all DNS packets (or packets with answers?) and modify them. That is more effort than a couple of lines in DNS server config.

I haven't thought of it because I assumed Iran already has something like this in place && I didn't consider it as a part of effort of enforcing safe search (though it is)