Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Setting esni to enabled in Firefox partially works.

But Airtel really, really wants to run scripts and show ads on blocked pages.

Duckduckgo - https://i.postimg.cc/SqkRhpRC/Mozilla-Firefox-29-09-20-w-PA....

Pirate Bay - https://i.postimg.cc/qMmwMXVY/t-29-09-20-9-Dv.png



DuckDuckGo is blocked in India??


Yes, ISPs are blocking DDG. Airtel(ISP) is blocking DDG but HTTPS version is accessible.

https://imgur.com/a/y7wnOjD


What reason could they have for blocking DDG? Is it easier to find pirated content there than on Google or something? That's my best guess. I can't imagine they'd block on behalf of a competitor or something.


I suspect it's political censorship/surveillance of some sort. Some suggest it's collateral damage from the ban on Chinese apps. https://www.themobileindian.com/news/duckduckgo-blocked-by-m...

Whether that's a mistake or they've made an enemy of some sort is not clear. India is a democratic country but not an especially free one.


You never know. Could be a mistake where they were trying to block a certain path due to some search result of copyright infringement, but ended up banning the domain itself. One can only guess.

Reddit and Github have previously been temporarily banned in India due to similar "mistakes"


https://en.wikipedia.org/wiki/Internet_censorship_in_India


DDG is a strong advocate for user privacy, that might be all it takes.


Is it possible the big guys will provide (sell?) query surveillance feeds to random governments while DDG can't/won't?


even the http version is accessible to me


Not blocked for me on my home and mobile (Jio) connection. I think airtel is just crap. Just switch.


Nope


How do they inject stuff into HTTPS pages?


Unless the site uses certificate pinning its possible to do a downgrade attack that forces browser off of HTTPS. The extension HTTPS Everywhere is a stopgap against this


things that do stuff like this can't, they try whatever tricks are possible to push javascript or redirects to send the client browser to something non https, on port 80


it does say "Not secure" for the https info, so I guess they intercept the request


yeah but not secure is regular http. on https they cannot do that without triggering a browser warning.


Heads up, that site was injected with a ton of malware/adware and redirects. Possibly their ad network got hosed, but that site doesn't seem safe unless you are locked down.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: