this post was submitted on 09 Sep 2024
122 points (99.2% liked)

Privacy

31993 readers
553 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

The Malaysian Communications and Multimedia Commission (MCMC) has instructed Internet Service Providers (ISPs) to redirect Domain Name Service (DNS) traffic that uses third-party DNS servers back to their own DNS servers

MCMC has blocked a total of 24,277 websites between between 2018 to Aug 1, classified into various categories, which are online gambling (39 per cent), pornography/obscene content (31 per cent), copyright infringement (14 per cent), other harmful sites (12 per cent), prostitution (two per cent) and unlawful investments/scams (two per cent).

“It has been falsely claimed that the measure undertaken by MCMC is a draconian measure. We reiterate that Malaysia’s implementation is for the protection of vulnerable groups from harmful online content.

top 40 comments
sorted by: hot top controversial new old
[–] possiblylinux127@lemmy.zip 42 points 2 months ago (1 children)

Good luck blocking DNS over https. Doing so would require a lot of work. It is sad to see countries going the authoritarian route. This is just the start and it will get worse.

Maybe Tor would be better

[–] BigDanishGuy@sh.itjust.works 14 points 2 months ago

That's the next step: drop all encrypted traffic.

[–] Annoyed_Crabby@monyet.cc 41 points 2 months ago (2 children)
[–] 01189998819991197253@infosec.pub 16 points 2 months ago (1 children)

Canceled like Google Circles? Or canceled like Microsoft Recall?

[–] Annoyed_Crabby@monyet.cc 15 points 2 months ago (1 children)

Recall, because it's definitely coming back.

[–] tun@lemm.ee 1 points 2 months ago
[–] slazer2au@lemmy.world 37 points 2 months ago* (last edited 2 months ago) (1 children)

Doesn't DoH and DoT completely kill this?

[–] pHr34kY@lemmy.world 8 points 2 months ago

I have configured my home router to redirect all plaintext DNS traffic through it. I did it because Chromecasts try to sidestep DNS and go straight to Google.

While doing that was a couple of lines of nftables config, blocking DoH would require an actively maintained list. Even then, it would be trivial to host your own by renting some server space.

[–] stuckgum@lemmy.ml 33 points 2 months ago

Some time ago the Malaysian government denied access to Steam over one religious video game. Yes the whole platform over one game. So this looks like a case of the government being dumb as usual.

[–] kbal@fedia.io 24 points 2 months ago

It has been falsely claimed that the measure undertaken by MCMC is a draconian measure

While it may be unclear exactly what kind of Internet traffic laws Draco would've written, allowing only the major landowners to run DNS servers does seem to be in keeping with the spirit of "aiding and legitimizing the political power of the aristocracy and allowing them to consolidate their control of the land and poor" as his laws are said to have done.

[–] ohwhatfollyisman@lemmy.world 22 points 2 months ago

say what you will, but online gambling being the most blocked category is heartening to hear.

[–] Kyrgizion@lemmy.world 21 points 2 months ago (3 children)

Encrypted DNS traffic => oh noed, what now?

[–] sunzu2@thebrainbin.org 10 points 2 months ago
[–] Facebones@reddthat.com 4 points 2 months ago

Believe it or not, straight to jail.

[–] HubertManne@moist.catsweat.com -4 points 2 months ago (1 children)

pretty sure dns will fail.

[–] refalo@programming.dev 2 points 2 months ago

Screenshotting this for the long troll

[–] Darkassassin07@lemmy.ca 13 points 2 months ago

https://docs.pi-hole.net/guides/dns/cloudflared/

I use pihole+cloudflared to translate all DNS requests on my LAN to DoH requests. Regular DNS isn't permitted to leave my network. (port 53 outbound is blocked)

Can't redirect/modify/monitor DoH requests like you can plain DNS.

[–] GolfNovemberUniform@lemmy.ml 7 points 2 months ago* (last edited 2 months ago)

It has been falsely claimed that the measure undertaken by MCMC is a draconian measure. We reiterate that Malaysia’s implementation is for the protection of vulnerable groups from harmful online content.

You don't need to ban privacy reapecting DNS services to ban specific websites. It's made just for spying.

[–] Noxious@fedia.io 7 points 2 months ago (1 children)

DoH, DoT, DoQ, DNSCrypt, or just use a VPN

[–] Annoyed_Crabby@monyet.cc 8 points 2 months ago (1 children)

I use VPN, can't be bothered with DNS anymore because i know they will pull this move.

Also it's really just a mask for easier censorship, as Malaysia had tried it before, censoring site like news site that report on government scandals, news site that focus on LGBT reporting, Fanfic, Medium, and even Steam.

[–] Noxious@fedia.io 6 points 2 months ago (1 children)

Seems like using a VPN is basically inevitable now

[–] sunzu2@thebrainbin.org 0 points 2 months ago

Always has been.

Why would you accept paying some telco merchant for service only to have them sell your data for more money 🤡

At some point people got to start punishing parasites. Hurt their profits 🐸

[–] sunzu2@thebrainbin.org -4 points 2 months ago (3 children)

How is this different from US ISP bootstrapping peasant grade internet?

The sun will run this headline for Malaysia but nobody run these headlines for the US.

I wonder why

Edit: if you are going to downvote at least explain if you got a counter point, otherwise it seems y'all just butthurt haha

[–] trevor@lemmy.blahaj.zone 5 points 2 months ago* (last edited 2 months ago) (1 children)

Yes. The US is also authoritarian. Yes, there is a clear media bias when it comes to the headlines that western media outlets are willing to run. In particular, painting non-western countries as more authoritarian than the US (which is sometimes true).

It's valuable to point this out. Dog knows the shitty media bias bots used in other communities won't.

However, the overall tone of your comment seems to suggest that it's okay for non-western governments to do authoritarian bullshit, just because the US does. I trust that wasn't the point of your comment, but I assume that's why some may not take kindly to it.

For what it's worth: my instance disables down votes, so I literally can't down vote posts I disagree with.

[–] sunzu2@thebrainbin.org 1 points 2 months ago

As an American I found it clown to see UK sun run this trash when my own ISP is doing something similar and took me extensive research to figure wtf was going on few years back.

I don't support some clowns in Malaysia doing their but it doesn't matter to me, what matters to be is that 1) my corpo daddy is colluding with daddy Sam to do do it; and 2) my fake news would never run such a headline.

Point of my post is to educate mostly US and western audiences that our dearest regimes are doing this to do today.

Tone is an artistic touch, it is provocative maybe it will get people going and start asking questions.

It is only shot post so I understand why people would push back and that's good, conversion is being had on the topic.

[–] BearOfaTime@lemm.ee 2 points 2 months ago (1 children)
[–] sunzu2@thebrainbin.org -2 points 2 months ago

DNS bootstrapping?

[–] Buelldozer@lemmy.today 2 points 2 months ago (1 children)

Edit: if you are going to downvote at least explain if you got a counter point, otherwise it seems y’all just butthurt haha

Okay.

How is this different from US ISP bootstrapping peasant grade internet?

  1. Whatabout-ism is annoying AF.
  2. How is nationwide re-configuring of DNS to enable censorship different than "bootstrapping peasant grade internet" is a dumb question on it's face.
  3. I'm sitting in the middle of Wyoming sending this comment via a 2Gb/s fiber optic connection. This is not "peasant grade".

So basically you are getting downvoted because your comment is irrelevant 'Murica bashing.

Now you know.

[–] sunzu2@thebrainbin.org -1 points 2 months ago (1 children)

My internet being bootstrapped by ISP is very much relevant especially considering that most of Lemmy is US based and likely doesn't know what their ISP does

But thanks for being honest

[–] Buelldozer@lemmy.today 0 points 2 months ago (1 children)

My internet being bootstrapped by ISP...

Seriously, what does "bootstrapped" mean in this context?

[–] sunzu2@thebrainbin.org 1 points 2 months ago (1 children)

ISP will hijack unencrypted DNS request made by your router for your "safety"

In practice they log your DNS queries and sell this data.

[–] Buelldozer@lemmy.today 1 points 2 months ago* (last edited 2 months ago)

Okay that I'm aware of but I've never heard of it referred to as "bootstrapping". Thanks for the explanation.