RANT: I hate the fact that my ISP can restrict access to certain sites

How can it possibly be, that an ISP, which I'm paying for gets to decid, which sites I'm allowed to have access to, and which not?

All the torrenting sites are restricted. I know, I can use VPN, and such... but I want to do it because of my privacy concerns and not because of some higher-up decided to bend over for the lobbying industry.

While on the other hand, if there's a data breach of a legit big-corp website (looking at you FB), I'm still able to access it, they get fined with a fraction of their revenue, and I'm still left empty-handed. What a hipocracy!!

What comes next? Are they gonna restrict me from using lemmy too, bc some lobbyist doesn't like the fact that it's a decentralized system which they have no control over?

Rant, over!

I didn't even know that my router was using my ISPs DNS, and that I can just ditch it, even though I'm running AdGuard (selfhosted)

99 comments

...Just don't use your ISP's DNS.
- Sadly doesn't work for gov level blocks that look at the SNI rather than blocking at DNS level
  Edit: correction from ESNI to SNI
  
  You mean SNI, not ESNI. ESNI is the Encrypted Server Name Indication that gets around that, though the newer ECH (Encrypted Client Hello) is better in many ways. Not all sites support either though.
  
  https://github.com/ValdikSS/GoodbyeDPI, https://www.f-droid.org/packages/ru.evgeniy.dpitunnelcli/ these do :)
  
  You can try the new ECH feature, in the FF browser for example. It encrypts the SNI on compatible websites
- Sometimes the block is on whole different level than a DNS
  
  Yeah, even if they miss your DNS request, the ISP can still do a reverse lookup on the destination IP you're attempting to connect to and just drop the traffic silently. That is pretty rare though, at least in US, mainly because It costs money to enforce restrictions like that at scale, which means blocking things isn't profitable. However, slurping up your DNS requests can allow them to feed you false error pages, littered with profitable ads, all under the guies of enforcing copyright protections.
I don’t know where you’re from and therefore don’t know what laws affect you but unless the ISP is involved in the media game (i.e HBO & AT&T) they don’t care about restricting access. In fact, they’re against it in most scenarios because if a competitor that doesn’t restrict access to piracy related websites exists, that competitor is likely to siphon customers from ISPs who impose restrictions.
On top of that, most ISPs do the absolute bare minimum to restrict your access so that you can bypass it easily, the most common being the modification of DNS records which you can easily bypass by changing your resolver.
TL:DR blame your lawmakers not your isp
- The DNS modification is slightly off. Some ISPs check UDP packets since they are insecure and will modify query results regardless of the DNS server you are sending to. Mediacom is known to do this for their billing and DMCA systems. They use DNS redirection to assist in MITMing the connection to load their own certificate to your browser. With that done, they can prepend their own Javascript to the response they receive from whatever web server you are trying to contact. That's how they get their data usage and DMCA popups loaded when you load up whatever site.
  
  ISP mitm sounds infuriating
They already do restrict you from using lemmy by charging full Internet price for it, and allowing special free data plans for Facebook.
Net neutrality matters.
My state of residence restricts access to certain sites. It's all bullshit.
Anyway... The ISP is either a common carrier or a content provider. Pick a fucking lane. You can't have half and half. Either you are responsible for ALL content provided or NONE.
If you choose none then you MUST NOT restrict access to any content.
If you chose ALL then you may restrict content based on what you are willing to take responsibility for. But in that case if someone does something illegal with content you provided you are liable.
- Utah?
  
  California. The internet contains chemicals known to the State of California to cause cancer and birth defects or other reproductive harm.
  
  The list is growing: Utah, Florida, Kansas, South Dakota, and West Virginia, Arkansas, Mississippi, and Virginia all have legislation in progress
No offense but if they can do that you have to blame your government not the ISP.... as those are the ones allowing this to happen.
- The government are the ones telling the ISPs to do it, not just allowing it.
  
  In some cases yes, but I would say that is allowing it too... Idk... I don't see the need to nitpick but yeah.
  
  The government is elected by people who care or don't care about certain topics
- Those companies choose to do so as well.
  
  Yeah... But if there were laws that prohibited it they couldn't do it that is my point.
- As if the government wasn't controlled by probate lobbyists.
  Blame goes to private interests being allowed to influence public decision makers, in my opinion. Infrastructure companies should not be for-profit companies.
This is why we need more competition in the ISP space. And use a VPN.
- Or the FCC to make internet a utility and strip their ability to restrict access, throttle speeds, or be bias in any way. Always use a VPN. Getting Mullvad on my next paycheck.
Yeah this is government level. They tell the ISPs what to block and they do what’s ordered. ISPs want your money. All the legal crap they have to do is part of business.
- Holy hell that sounds cursed. How obnoxious are they? Can you share a screenshot?
  Next time I'm cursing Spectrum I'll remind myself that they aren't doing that at least.
  
  Next they put ads in your ads as well.
  
  Before Wikipedia default to https, I remember being surprised seeing ads in a Wikipedia page. I was so disappointed that Wikipedia has stoop so low before eventually realizing my cursed ISP was the real culprit.
- Does http sites exist at this point though?
  
  Shenanigan like this was one of the main driving force to push website operators to use https by default. The other driving forces are the computational cost of serving https got significantly cheaper thanks to modern CPU with accelerated cryptography instructions support, and letsencrypt providing free TLS certificate to everyone.
- [This comment has been deleted by an automated system]
- Never saw it on a website but back when I just plugged things in and used it the one at the time liked to swipe bad DNS requests and use it to push an ad page rather than a name not resolved.
  
  OpenDNS used to do that. Caused a lot of unexpected problems, enough that I stopped using it entirely. I'm still hesitant to even though they've stopped doing it.
Censorship is wrong. Every rational, adult human being should have the fundamental right to their autonomy, without third party intervention, with full awareness of the laws that apply to them.
If they decide to abuse that freedom and awareness by accessing illegal content (even CSAM), then they are taking the risk of being discovered, prosecuted, and punished accordingly. And, in many cases (like CSAM), I hope they are caught and punished.
Regardless of the outcome, it still starts with the freedom for that individual to make that decision for themselves.
- That's part of the price of freedom. Tor is a browser that makes it hard to be tracked down, so people use it to facilitate illegal activities. Crypto is a currency that makes it hard to be tracked down, so the same occurs. While most of us use and support these services for legal activities, just to be free from corporate and government oppression, there will always be people who use them to be from legal consequences.
  Sadly, making it easier to find people who do things like post CSAM in turn makes it easier to find people who want to watch Porn without supplying a government ID. (Still can't believe my state of Virginia passed that law.)
  
  people who want to watch Porn without supplying a government ID
  Yeah, and this is where the part of my comment that discussed "laws that apply" is nuanced. If the laws that apply are designed to abridge people's autonomy, and right to privacy,, then that's an unjust law.
you could use tor project to surf the internet and i2p or i2pd for bittorrent
Counter rant: This is why we built encryption and VPNs many years ago. This is a solved problem, but rather than solving it you'd rather just complain ineffectually about it. The solution, the product of years of work of technical people and privacy people, is sitting right there staring you in the face available for you to use as a free service, a paid service, or your own self-hosted service. Use a VPN, that's what it's for.
- It's still right to complain and protest about something that is unjust, even when ways to circumvent it exist. Because the next logical policy step is to ban VPNs, as many countries already have, and the solved problem becomes unsolved again.
- Free VPNs should be avoided at all costs for many reasons, and the alternatives are an additional service to pay for, to fix another service you already pay for too that doesn't work the way it should work in the first place.
  I don't see what's ineffectual about the complaints. Of course people will, and should, complain. Loudly.
  
  Cloudflare’s 1.1.1.1 is free and can be as trusted as any of their other services.
  
  The ProtonVPN free plan is good though. There's no reason not to trust them, Proton is a privacy company and their business model is very clear. Also, their apps are completely free and open source. Windscribe might also be an option, but they have bandwidth limits. Proton doesn't limit bandwidth, instead they only allow you to connect to a small amount servers in only 3 countries. They also block P2P on the free plan, but it's fine if you just want to get around censorship and browse the web.
- The problem is that VPNs can be a lot slower (for example large downloads) than a "normal" connection, at least iny experience.
  
  Decent VPNs should be mostly unnoticeable
- Counter counter rant: both can be true.
  Just because there's a workaround doesn't mean there isn't a problem.
- There are many ways to solve this problem, with different degrees of acceptance: legally (arguing for personal freedom granted by basic laws, depends on jurisdiction), or technologically (tools to evade or deceive censorship techniques, could require technical knowledge for proper use).
  We have the tools, but legal grounds can also play a greater role (e.g. declaring vpn/tor illegal causes a chilling effect for potential beneficiaries).
https://github.com/ValdikSS/GoodbyeDPI, https://www.f-droid.org/packages/ru.evgeniy.dpitunnelcli/ enjoy. Fuck cencorship!
Switch over to an ISP that doesn't do that. Leave record with your country's customer protection service and/or open press / open culture office that's why you did it. There. Done.
- Lots of people come have a choice in who their ISP is. I don't. For my area, there's one provider. If I want to change that, I have to move.
  
  StarLink is available basically everywhere and they don't do that bullshit.
  
  A fair point.
  Still, in this case you should direct your issue to your country's consumer protection and culture protection services. Since they are essentially charging you for an incomplete service.
  Of course, there's other measures that one can take by themself to route around the issue, such as using a VPN. But they don't deal with the real issue at hand that is what the thread title says: that the ISP is doing something that it shoudn't.
i know america is ass but at least we don't have this here, as far as i can tell
- American here. My ISP blackholes certain sites at the DNS level. Easy enough to work around, but it's there.
- For some reason my isp thinks I'm in Utah even though I'm in Florida so they are not letting me see pornhub
- You sure? My first thought was "that must be America". You generally have terrible privacy and consumer protection laws and it's the country with the most interest in enforcing copy right laws.
This your ISP or your government? Or your rant is about the feeling?
https://github.com/xvzc/SpoofDPI
Use vpn
- Revanced is a popular tool for modifying apps like YouTube, offering ad-blocking, background play, and premium features for free, catering to users seeking enhanced experiences.
Torrent sites aren't blocked in my country but some pr0n sites are.
Well you can buy a car but the gov't will still make you drive on the correct side of the road.
I've got AdGuard home and everything works. Switching to ISP DNS and Thepiratebay.com doesn't work.
calyx true unlimited hotspot prob will fix
@adonis The problem you're hitting is that the #clearnet / #Internet in general weren't adequately designed to handle malicious #infrastructure operators.
"The 'net interprets censorship as damage and routes around it" was a comment about #Usenet, a #federated / #P2P system with gossiped (https://en.wikipedia.org/wiki/Gossipprotocol) message exchange which wasn't particularly picky about its transport layer (indeed you could load a spool on a floppy and mail it), not the internet.
- I don’t know if you’re choosing to add those hashtags to your comment or if it’s just something that mastodon does automatically, but holy fuckweasels is that shit annoying.
  
  I wondered why I saw people reply like that as well as tagging the user at the start, that explains it now

99 comments