Comment by iamzenitraM

9 months ago

Orange and Vodafone are also implementing the blocking but users are not noticing because they are doing it wrong: instead of blackholing the IPs or only blocking when connecting through ECH, they are blocking by DPI the access when using the IP address as the SNI/Host header.

  # curl http://104.21.16.1
  <META HTTP-EQUIV="Pragma" CONTENT="no-cache"><META HTTP-EQUIV="Expires" CONTENT="-1"><html>Por causas ajenas a Vodafone, esta web no est� disponible</html>
  # curl http://104.21.16.1 --header "Host: blockedsite.com"
  error code: 1001

(1001 is the expected output from Cloudflare)

Which is really useless, but I guess fulfills the court order (pandereta meets undefined specifications).

0 comments

iamzenitraM

No comments yet

Contribute on Hacker News ↗