All the torrenting sites are restricted. I know, I can use VPN, and such... but I want to do it because of my privacy concerns and not because of some higher-up decided to bend over for the lobbying industry.

While on the other hand, if there's a data breach of a legit big-corp website (looking at you FB), I'm still able to access it, they get fined with a fraction of their revenue, and I'm still left empty-handed. What a hipocracy!!

What comes next? Are they gonna restrict me from using lemmy too, bc some lobbyist doesn't like the fact that it's a decentralized system which they have no control over?

Rant, over!

I didn't even know that my router was using my ISPs DNS, and that I can just ditch it, even though I'm running AdGuard (selfhosted)

top 50 comments

sorted by: hot top controversial new old

[–] tordenflesk@lemmy.world 182 points 2 years ago (3 children)

...Just don't use your ISP's DNS.

[–] lemann@lemmy.one 46 points 2 years ago* (last edited 2 years ago) (3 children)

Sadly doesn't work for gov level blocks that look at the SNI rather than blocking at DNS level

Edit: correction from ESNI to SNI

[–] Eufalconimorph@discuss.tchncs.de 52 points 2 years ago (6 children)

You mean SNI, not ESNI. ESNI is the Encrypted Server Name Indication that gets around that, though the newer ECH (Encrypted Client Hello) is better in many ways. Not all sites support either though.

[–] MigratingtoLemmy@lemmy.world 5 points 2 years ago (3 children)

If I utilise a DNS provider who supports ECH (mullvad) with a browser that supports ECH (Librewolf) will I still not be able to access certain websites? I haven't come across a website blocked by my ISP yet so don't know

[–] noride@lemm.ee 7 points 2 years ago (4 children)

Most ISP blocking is pretty superficial, usually just at the DNS level, you should be fine in the vast majority of cases. While parsing for the SNI flag on the client hello is technically possible, it's computationally expensive at scale, and generally avoided outside of enterprise networks.

With that siad, When in doubt, VPN out. ;)

load more comments (4 replies)

load more comments (2 replies)

load more comments (5 replies)

[–] WeLoveCastingSpellz@lemmy.dbzer0.com 12 points 2 years ago

https://github.com/ValdikSS/GoodbyeDPI, https://www.f-droid.org/packages/ru.evgeniy.dpitunnelcli/ these do :)

load more comments (1 replies)

[–] moreeni@lemm.ee 22 points 2 years ago (1 children)

Sometimes the block is on whole different level than a DNS

[–] noride@lemm.ee 4 points 2 years ago (1 children)

Yeah, even if they miss your DNS request, the ISP can still do a reverse lookup on the destination IP you're attempting to connect to and just drop the traffic silently. That is pretty rare though, at least in US, mainly because It costs money to enforce restrictions like that at scale, which means blocking things isn't profitable. However, slurping up your DNS requests can allow them to feed you false error pages, littered with profitable ads, all under the guies of enforcing copyright protections.

[–] moreeni@lemm.ee 3 points 2 years ago (1 children)

It's pretty much the only way they enforce stuff here in Ukraine. Back in 2015 when the government blocked social media websites tied to Russian companies and in 2022 when .ru domains were blocked, changing your DNS provider didn't help. I'm not sure about piracy sites, though, because everyone kinda doesn't care about this stuff here, but I don't think they would invent other mechanisms when they have a working one that doesn't rely on DNS.

[–] noride@lemm.ee 3 points 2 years ago (1 children)

That makes sense! Believe it or not it's actually easier for an ISP to block a whole country than select websites and services. We actually null route all Russian public IP space where I work, that would absolutely be plausible on a national scale as well.

It's imperfect, you can get around it, but it catches 99% of normal users, which is the goal.

load more comments (1 replies)

[–] CriticalMiss@lemmy.world 71 points 2 years ago (2 children)

I don’t know where you’re from and therefore don’t know what laws affect you but unless the ISP is involved in the media game (i.e HBO & AT&T) they don’t care about restricting access. In fact, they’re against it in most scenarios because if a competitor that doesn’t restrict access to piracy related websites exists, that competitor is likely to siphon customers from ISPs who impose restrictions.

On top of that, most ISPs do the absolute bare minimum to restrict your access so that you can bypass it easily, the most common being the modification of DNS records which you can easily bypass by changing your resolver.

TL:DR blame your lawmakers not your isp

[–] Morgikan@lemm.ee 7 points 2 years ago (1 children)

The DNS modification is slightly off. Some ISPs check UDP packets since they are insecure and will modify query results regardless of the DNS server you are sending to. Mediacom is known to do this for their billing and DMCA systems. They use DNS redirection to assist in MITMing the connection to load their own certificate to your browser. With that done, they can prepend their own Javascript to the response they receive from whatever web server you are trying to contact. That's how they get their data usage and DMCA popups loaded when you load up whatever site.

[–] fbmac@lemmy.fbmac.net 6 points 2 years ago (1 children)

ISP mitm sounds infuriating

[–] Morgikan@lemm.ee 3 points 2 years ago

Even if it is not being done for a malicious reason, it is still a malicious practice. Websites can help prevent this by adopting wildcard Subject Alternate Names in their certificates thereby making the redirection much less likely to succeed, but you shouldn't have to view your own ISP as a threat actor.

load more comments (1 replies)

[–] nephs@lemmy.world 50 points 2 years ago* (last edited 2 years ago)

They already do restrict you from using lemmy by charging full Internet price for it, and allowing special free data plans for Facebook.

Net neutrality matters.

[–] XTornado@lemmy.ml 44 points 2 years ago* (last edited 2 years ago) (3 children)

No offense but if they can do that you have to blame your government not the ISP.... as those are the ones allowing this to happen.

[–] Blackmist@feddit.uk 13 points 2 years ago (3 children)

The government are the ones telling the ISPs to do it, not just allowing it.

load more comments (3 replies)

[–] Honytawk@lemmy.zip 4 points 2 years ago (2 children)

Those companies choose to do so as well.

[–] tonyn@lemmynsfw.com 3 points 2 years ago

Companies will do whatever legal measure makes them the most money.

load more comments (1 replies)

[–] nephs@lemmy.world 4 points 2 years ago* (last edited 2 years ago)

As if the government wasn't controlled by probate lobbyists.

Blame goes to private interests being allowed to influence public decision makers, in my opinion. Infrastructure companies should not be for-profit companies.

[–] Gordon@lemmy.world 43 points 2 years ago (1 children)

My state of residence restricts access to certain sites. It's all bullshit.

Anyway... The ISP is either a common carrier or a content provider. Pick a fucking lane. You can't have half and half. Either you are responsible for ALL content provided or NONE.

If you choose none then you MUST NOT restrict access to any content.

If you chose ALL then you may restrict content based on what you are willing to take responsibility for. But in that case if someone does something illegal with content you provided you are liable.

[–] Shea@lemmy.world 5 points 2 years ago* (last edited 2 years ago) (2 children)

Utah?

[–] MorrisonMotel6@lemm.ee 11 points 2 years ago

California. The internet contains chemicals known to the State of California to cause cancer and birth defects or other reproductive harm.

[–] thirteene@lemmy.world 5 points 2 years ago

The list is growing: Utah, Florida, Kansas, South Dakota, and West Virginia, Arkansas, Mississippi, and Virginia all have legislation in progress

[–] Banzai51@midwest.social 35 points 2 years ago (1 children)

This is why we need more competition in the ISP space. And use a VPN.

[–] RealFknNito@lemmy.world 28 points 2 years ago

Or the FCC to make internet a utility and strip their ability to restrict access, throttle speeds, or be bias in any way. Always use a VPN. Getting Mullvad on my next paycheck.

[–] ultratiem@lemmy.ca 31 points 2 years ago (1 children)

Yeah this is government level. They tell the ISPs what to block and they do what’s ordered. ISPs want your money. All the legal crap they have to do is part of business.

[–] JewGoblin@lemmy.world 3 points 2 years ago

seems like a violation of our first amendment, it's none of the government business what site or what we can access on the net

[–] DeltaTangoLima@reddrefuge.com 24 points 2 years ago (1 children)

Censorship is wrong. Every rational, adult human being should have the fundamental right to their autonomy, without third party intervention, with full awareness of the laws that apply to them.

If they decide to abuse that freedom and awareness by accessing illegal content (even CSAM), then they are taking the risk of being discovered, prosecuted, and punished accordingly. And, in many cases (like CSAM), I hope they are caught and punished.

Regardless of the outcome, it still starts with the freedom for that individual to make that decision for themselves.

[–] RealFknNito@lemmy.world 11 points 2 years ago (1 children)

That's part of the price of freedom. Tor is a browser that makes it hard to be tracked down, so people use it to facilitate illegal activities. Crypto is a currency that makes it hard to be tracked down, so the same occurs. While most of us use and support these services for legal activities, just to be free from corporate and government oppression, there will always be people who use them to be from legal consequences.

Sadly, making it easier to find people who do things like post CSAM in turn makes it easier to find people who want to watch Porn without supplying a government ID. (Still can't believe my state of Virginia passed that law.)

[–] DeltaTangoLima@reddrefuge.com 5 points 2 years ago (3 children)

people who want to watch Porn without supplying a government ID

Yeah, and this is where the part of my comment that discussed "laws that apply" is nuanced. If the laws that apply are designed to abridge people's autonomy, and right to privacy,, then that's an unjust law.

load more comments (3 replies)

[–] supervent@lemmy.dbzer0.com 22 points 2 years ago

you could use tor project to surf the internet and i2p or i2pd for bittorrent

[–] WeLoveCastingSpellz@lemmy.dbzer0.com 18 points 2 years ago

https://github.com/ValdikSS/GoodbyeDPI, https://www.f-droid.org/packages/ru.evgeniy.dpitunnelcli/ enjoy. Fuck cencorship!

[–] lambalicious@lemmy.sdf.org 7 points 2 years ago (1 children)

Switch over to an ISP that doesn't do that. Leave record with your country's customer protection service and/or open press / open culture office that's why you did it. There. Done.

[–] seitanic@lemmy.sdf.org 10 points 2 years ago (4 children)

Lots of people come have a choice in who their ISP is. I don't. For my area, there's one provider. If I want to change that, I have to move.

load more comments (4 replies)

load more comments