Hacker News new | ask | show | jobs
by bonzini 1035 days ago
> government being able to mandate that a certain website not open at all on a browser/system is uncharted territory and even the most repressive regimes in the world prefer to block websites further up the network (ISPs, etc.) so far.

Repressive government's don't do their blocking at the browser level because it is completely ineffective. Anyone who wants to access the forbidden websites will be able to do so anyway.
2 comments
heretohelp232 1035 days ago
I can confirm.

The French government censors websites by forcing ISPs to delist stuff from their DNS servers. It's trivial to bypass simply by setting alternative DNS providers like Cloudflare.

link
bleuarff 1034 days ago
And not even all ISPs, only the few most popular ones. Even if that's probably 96% of internet users, that looks like the law does not treat all citizens equally.
link
mywittyname 1035 days ago
I think simply modifying the hosts file on a machine to "rename" the domain of the site you want to visit would be sufficient to bypass a browser-level block.
link
pmontra 1035 days ago
The browser must send a request with a Host header with the correct site name or the server will 404 it.

What could work is a local proxy server that translates the host name in the request.

It must MITM the https requests though.

link
Zuiii 1034 days ago
> The browser must send a request with a Host header with the correct site name or the server will 404 it.

Only if you configured it that way. Most http servers have a "default" website which they will happly serve from if the Host header has no match. I expect these sites will continue to work just fine in firefox using the host file hack or via alternative DNS domains.

Unless they just want a foot-in-the-door law to make certain browsers illegal (to then expand on it later), blocking content at the terminal is not the way to do it. So so many ways to get around it.

link
johnchristopher 1034 days ago
What we want or would end up with is a Firefox plugin to toggle a boolean.
link
Joeri 1034 days ago
Is MITM even possible for HSTS preloaded websites?
link
rrobukef 1035 days ago
Please just make the block-list a plain-text human-readable file. That way I can update the file when a new torrent website is convicted and black-listed.
link