• @drathvedro@lemm.ee
    link
    fedilink
    011 months ago

    relying on a simple domain block-list. There’s domain blocking where I live too. I imagine it’s handled similarly on a technical level

    To block a domain, it requires looking at the HTTP headers, though. So the only ways to do this with HTTPS is by either somehow breaking SSL or blocking based on domain’s IP, which causes high collateral damage due to cohosting, especially if the infringing domain is behing clourflare or is on amazon/azure/google infra. Oh and you can’t just block whatever IP’s the DNS is responding with, they got burned by it already when someone intentionally got their domain into blocklist and made DNS server resolve to 127.0.0.1. If your place also does this and it has a working democratic and judicial systems, I would suggest starting to raise questions about it.

    This just says blocked, not outlawed. I also couldn’t find any other articles about Tor being outlawed. As long as it’s not illegal it’s no practical problem for me/you. According to this article, Tor and someone else is suing, which they wouldn’t do if they didn’t have a legal basis for operating. It even says it’s unconstitutional.

    You’re right. I’ve looked into it and it seems that the reasoning behind the ban isn’t that it allows anonymity but the fact that exit nodes don’t restrict access to blocked sites, which is not at all possible for Tor. So I imagine they will soon, if not already, start going after it using DPI methods like they do with VPN’s already.

    Based on what you’ve provided, it sounds like the anonymous computer in a cave scenario in the meme would go completely unnoticed by an averagely aggressive and averagely competent police state.

    Well, based on what this computer is actually doing, it’s going to get cut off from all communications the moment anyone in that police state notices it. If it’s just pirate stuff then it’ll happen fairly quickly based on the amount and the obscurity of the sites in the blocklist. If it’s political - the owner of the server will be called for questioning. They’ll throw some of the bullshit laws at them to stack up (Got camera on your phone? Spy equipment! $2000 fine + confiscation! Liked any racist meme at any point in time? bam, extremism, 6 years in prison!) possible fines and jail time, but it’s all just to coerce them into cooperation.

    Come on. I’m not planning to spy on the Russian military for the MI6! That’s several levels of shady beyond ‘anti-establishment website’.

    Who knows what you might want to do with that server in the cave. This was just to show that they can and do reach outside the country in some cases. It’s not just for spies, though, they tried to do the same with Navalny and Kara-Murza, and a bunch of other less prominent figures. Also note, that all of those are botched attempts. In case of success, there will be no signs of poisoning as those chemicals are designed to break down quickly and leave no traces.

    It can also be mitigated with a VPN and not using the state’s DNS

    True, if your VPN protocol of choice isn’t banned already. But then, renting a box in Russia just to break out of it using a VPN kind of defeats the whole purpose.

    Overall, you put it fairly accurate at “averagely aggressive and averagely competent police state”, we’re just going back and forth over specific details, but the point is that if you’re dealing with anything in Russia, you’re basically dealing with said police state, and the more you get involved with it, the harder you’ll eventually get rolled over by it. That’s why I suggest not getting involved with it at all in the first place. Having said that, I myself have certain obligations to visit Russia at some point in the future and I honestly dread of that moment. Wish me luck, I guess, but do you happen to know any good “dead hand” kind of software?

    • @Aria@lemmygrad.ml
      link
      fedilink
      211 months ago

      I’ve never needed dead hand software. I wipe my phone before going through airports but that’s it. If I needed it, my first instinct would be to write my own, because my use case would probably be pretty simple. I’m not sure. I think you’re vastly overstating the danger of travelling through Russia. Still, I’d wipe my phone (or leave it at home) like anywhere else of course. Always best to be cautions.

      But then, renting a box in Russia just to break out of it using a VPN kind of defeats the whole purpose.

      This is just kinda how I use everything. I mean I’m paying for the VPN anyway… But it doesn’t degrade performance for a seedbox. You connect to it and stream your files when you need them, it’s less hassle than if you download things to your own home. Doesn’t degrade performance for most private tasks to be honest.

      If your place also does this and it has a working democratic and judicial systems, I would suggest starting to raise questions about it.

      It absolutely does not. But even if it did, I think most countries in the EU have some form of internet censorship. Almost always left to the discretion of the ISPs when it comes to implementation. Your instance is in Estonia, so I checked, and Estonia blocks copyright infringement and gambling, and according to one source, as if this year, ‘Russian propaganda’.

      • @drathvedro@lemm.ee
        link
        fedilink
        111 months ago

        I think you’re vastly overstating the danger of travelling through Russia

        Eh, a red passports in my pocket, along with a military id of same color say otherwise

        But it doesn’t degrade performance for a seedbox. You connect to it and stream your files when you need them, it’s less hassle than if you download things to your own home. Doesn’t degrade performance for most private tasks to be honest.

        Actually, this sounds like a one good use-case for VPS in Russia because I didn’t even know what a seedbox is. I have used transmission on a router solely for silent operation and only once encountered an ISP who limited bittorrent traffic, but then I just told them to fuck off and switched to a different one. It never crossed my mind that people might want a torrent box outside their country. Just use an encrypted connection to it, though, because who knows what the fuck is Russian(or your) government might be up to. Though I’d advice to consider one in Armenia, if possible. It’s close, but much more liberal and the internet speeds are just as good. Though computer part imports seem to be problematic in there so I’m not sure if there are any good providers.

        Almost always left to the discretion of the ISPs when it comes to implementation

        It’d be interesting to see how they actually implement this, as I couldn’t find much info. But the fact that this is passed down to ISP’s to implement and there are seemingly no strict rules gives a hope that there might be some leeway between different providers, and ones that don’t use it as a pretense to infringe on your privacy. But it’s sad to see that they are, too, going political with this.

        • @Aria@lemmygrad.ml
          link
          fedilink
          111 months ago

          Eh, a red passports in my pocket, along with a military id of same color say otherwise

          Then you know better than me.

          Though I’d advice to consider one in Armenia, if possible. It’s close, but much more liberal and the internet speeds are just as good. Though computer part imports seem to be problematic in there so I’m not sure if there are any good providers.

          I don’t have a particular love for Russia for this type of thing, it just happens that a lot of low cost barely-professional providers are in Russia, and that Russia isn’t among the worst countries in terms of surveillance law and competence to enforce those laws. I’d happily rent from an Armenian provider, they’re just a little worse at SEO. Thanks for the tip.

          ones that don’t use it as a pretense to infringe on your privacy.

          My current ISP works with any router but there is a mandatory purchase of their partner’s router when you sign up. That router doesn’t host a configuration page, if you want to configure the SSID or password, you need to use their Windows/Android app. The Windows app installs a root certificate. I haven’t done that, and I think it’s just to facilitate regular updates rather than MITM decryption, but it could be either. ISPs have smart people (or people with skills in the right technical area), but they don’t have any financial incentive to use a clean solution sadly.

          But it’s sad to see that they are, too, going political with this.

          I’m not categorically against blocking illegal content, but it’s the surveillance I find really icky. Countries with laws about having to keep logs on users. Mandatory invisible/silent data-sharing with police. Gross.