“Despite the guarantee of free access to information enshrined in Article 19 of the Universal Declaration of Human Rights, the number of countries engaged in Internet censorship continues to increase.[1]”
This Wikipedia definition of internet censorship is as good as any: Internet censorship is the “control of suppression of what can be accessed, published or viewed on the internet.” From the so-called Great Firewall of China through North Korea and west through Iran, Saudi Arabia, Syria, and Cuba, internet censorship blocks the free access to global ideas and communication.
Internet censorship is a response to what authoritarian countries see as a threat: in China, to one-party rule, for others an undesirable exposure to political or religious ideas at odds with the power structure. That censorship is typically enforced by regulations and blocking technology.
How censorship works
Countries whose authorities control internet servers employ a variety of methods to deny access or censor their citizens’ use of the internet:
Domain Name System (DNS) redirection or filtering
Censoring governments alter or wipe out the registry of a DNS which hosts undesirable content. The site becomes invisible to browsers. Ways to get around DNS filtering include using the most common domain names like Google Public DNS. Using Google and similar services require reconfiguration of the user’s operating system.
Internet Protocol (IP) address blacklisting/blocking
Censoring governments can easily control or block access to a known IP address. Censoring authorities collect a list of IP addresses of those websites they want to censor. As their citizens dial up the blacklisted IP address, access is blocked. Also, any IP addresses residing on the same hosting server likewise cannot be accessed.
Uniform Resource Locator (URL) scanning
Using URL filtering, internet censors block access to those websites based on keyword filtering on their banned URL list. Some censors use filtering software to scan unencrypted internet traffic for blacklisted keywords. Those banned keywords need not be part of the internet address. The software can scan individual internet pages for blacklisted keywords on both ends—in the user’s web browser request and on the pages returned to the user.
Deep packet inspection (DPI) advanced censorship
DPI is typically used by countries that employ especially strong internet controls. As packets of information migrate between servers, DPI technology discerns the type of traffic being transferred between the user and targeted server.
Sophisticated firewalls, such as in China, can even detect and deflect VPN or Tor encrypted traffic. There are ways to get around DPI, but they involve rather sophisticated measures beyond the technical ability of the average web user.
The best tools to defeat internet censorship
For the average internet user, technological tools like the Surfshark Virtual Private Networks (VPNs), Smart DNS, The Onion Router Tor), and web proxies can outsmart internet censorship. Here’s how they work:
VPNs unblock locked-out websites.
A VPN redirects the user’s internet connection through a secure remote server and hides the user’s IP address. VPNs allow access to websites that are blocked based on a user’s geographical address.
VPNs are especially adept at accessing region-restricted websites. Known as “geo-blocking” this restricted access blocks users outside the geographical area of the host server. VPNs can also bypass URL filtering and IP address blocking.
Likewise, the encryption and privacy provided by VPN are especially valuable in crypto currency transactions. So-called “crypto miners” need the extra security layer of VPN to avoid online theft and access key compromises.
Smart DNS can mask the user’s IP address
Smart DNS is a quicker way into geo-blocked websites like Netflix, Hulu, etc., which block out-of-region access. While smart DNS does not completely hide the user’s IP address, it does conceal the originating geographical location. Since smart DNS is not encrypted, it is typically faster, though less secure.
The Onion Router (Tor) avoids surveillance.
The Tor browser works somewhat like a VPN. However, each time a user accesses Tor, the device selects three random proxies and relays the user’s traffic through all three. Known as Tor relays, there are several thousand of them operated by volunteers. Each time the traffic goes through a relay, a separate layer of encryption occurs. So, neither the user’s ISP nor the relays themselves can find out the originator IP address and the location of the websites being accessed.
Properly configured, Tor can block most types of surveillance and unblock sites. Tor needs to be used with caution, however. It is the gateway to dark web sites, where often illegal transactions occur. U.S. users need to be aware that that Tor is watched carefully by federal law enforcers.
Warning: When using Tor, the user must still use a secure connection to the visited website. The secure (HTTPS) connection needs to be active before the user sends or receives information on Tor.
Proxy websites bypass blocked web access.
A proxy can be an intermediary between the user’s small network and access to the web. Using a proxy website is one way to bypass geo-blocking, because the user’s IP address is blocked. Proxies also cache websites for quicker access the second time around.
Caution: Proxies do not offer the same anonymity as VPNs and Tor. The proxy website owner can easily read the user’s IP address.
A final word on understanding internet censorship
Each censorship technique has its own efficacy and weaknesses. Users attempting to get through internet censorship should, rather than trying to figure out what a particular technique is, should, follow the advice in the article quoted at the beginning of this piece. Essentially it boils down to always assuming the worst-case scenario, namely:
- The censorship the user is experiencing is likely in effect nationally at both the ISP level and on the user’s local network.
- The double blocking of DNS lookups and content requests are being blocked.
- Blacklists exist for both domain names and IP addresses.
- All internet transactions are monitored for keywords.
- Users will receive a misleading reason when a blocked site fails to load.
- Regardless of the methods used for censorship, safe and effective circumvention tools should work. VPN, however, is the best tool to maintain online anonymity as well as outsmart internet censorship.
References:
[1]Quoted from security in-a-box on line article, Remain Anonymous and Bypass Censorship on the Internet, updated December 11, 2018, accessed March 20, 2019