Reddit on ACT Fibrenet

[Sushubh]

even security agencies are pissed.

Similarly, the GCHQ, Britain's intelligence service, has also criticized both Google and Mozilla, claiming the new protocol would impede police investigations and that it could undermine its existing government protections against malicious websites.

The Internet Watch Foundation (IWF), a British watchdog group with a declared mission to minimize the availability of online child sexual abuse content, also criticized both Google and Mozilla, claiming the browser makers were ruining years of work in protecting the British public from abusive content by providing a new method for accessing illegal content.

 

[Sushubh]

this is also going to become a nightmare for corporates. if they are unable to restrict these technologies on their network, their IT guys would have no way to monitor and control what their employees are doing.

 

[d5aqoëp]

But enabling ESNI and passing all 4 tests on cloudflare website still doesn’t unblock any of those blocked sites on Jio or on Hathway or even on MTNL for that matter.

 

[Sushubh]

ESNI needs to be enabled by the domain. i believe all domains hosted on cloudflare have esni turned on by default.
and your browser needs to support esni. firefox supports it but you have to turn it on manually.

as a user, you can only enable doh/dot at your end. rest the web host has to do. (https, hsts, dnssec, esni). once this becomes widespread... it should basically nullify a lot of blocking strategies by ISPs.

908132 - chromium - An open-source project to help move the web forward. - Monorail

bugs.chromium.org

 

[Sushubh]

i have not tried it myself. but find a domain on cloudflare that is blocked on your isp.
try accessing it on firefox after enabling ESNI and doh in firefox.
it should logically become accessible.

 

[d5aqoëp]

@Sushubh have you enabled ESNI for this site?

 

---

[d5aqoëp]

i have not tried it myself. but find a domain on cloudflare that is blocked on your isp.
try accessing it on firefox after enabling ESNI and doh in firefox.
it should logically become accessible.

Tried for each and every site and none of them worked.

 

[Sushubh]

ESNI becomes enabled when i have cloudflare turned on. i usually keep it off coz there is a massive performance hit at least on my end. i would have to check if i can configure it directly on the server so that it stays on even without cloudflare

 

[Sushubh]

give me some examples. would check at my end!

 

[d5aqoëp]

Jio’s and Hathway’s blocking is seriously strong. Only success with PIA VPN.