🚨 Our S&P’25 paper reveals rising regional censorship in China.
In addition to the national Great Firewall, Henan province runs its own firewall. Though less sophisticated, it’s more volatile and aggressive—once blocking 10× more domains than the GFW.
👉 https://t.co/i0soDRjud4
China advanced its QUIC censorship.
The GFW now decrypts QUIC Initial packets and extracts the hostname from the SNI extension—similar to its censorship of TLS over TCP.
My colleague details our findings in our new blog post:
https://t.co/epidRv0jf9
Congrats to Fabian Bäumer, Marcus Brinkmann, Nurullah Erinola, Sven Hebrok, Nico Heitmann, Felix Lange, Marcel Maehren, Robert Merget, Niklas Niere, Maximilian Radoy, Conrad Schmidt, Jörg Schwenk, Juraj Somorovsky on the 2nd #ACSAC2024 Cybersecurity Artifacts Impact Award 👏👏👏
3. Unencrypted HTTP/1.1 is still supported by around 20% of servers.
4. To easily analyze a website for unencrypted HTTP support, we provide a small tool: https://t.co/JP3BQpiake
Unencrypted HTTP/2 is uncensored in China and Iran. While mostly used in conjunction with TLS, HTTP/2 can be used standalone to circumvent HTTP(S) censorship. We outline this finding in a blog post https://t.co/YdOQA0ei49 and summarize the takeaways below.
1. Unencrypted HTTP/2 is uncensored in China and Iran. We suspect similar behavior in other countries.
2. Unencrypted HTTP/2 is supported by up to 6.28% of servers. Smaller servers and censored websites show higher support than large websites.
Last week, Russia started blocking the Encrypted Client Hello (ECH). This prevents Russian internet users from utilizing ECH for censorship circumvention. It also blocks otherwise uncensored websites such as SteamDB. I wrote a short summarizing blog post: https://t.co/sPmLWdYTNf
The latest version of Intra has more robust protection against SNI attacks, unblocking more sites in more places, without the need for a VPN!
It's working very well in Iran for YouTube, Reddit and other sites.
Check out https://t.co/cYeWtn3ET3 and help spread the word!
Closing remarks:
1. (Voluntary) Internet Censorship is prevalent in Germany
2. It is also easily circumventable
3. Copyright holders of scientific work put in effort to uphold that copyright
Sci-Hub is now officially blocked in Germany.
Following a decision from Jan 8th, 2024, ISPs now redirect to a shared blockpage: https://t.co/s56UTJWbSe
I share some insights in this thread:
How can the block be circumvented?
1. Use an alternate domain; not all Sci-Hub domains are affected by the blocks
2. Use an alternative DNS server. A quick fix in Firefox is to enable "Increased protection" for DNS over HTTPS; for Chrome enable "Use secure DNS"
It is really ridiculous that disclosing crypto vulnerabilities is so hard nowadays. We can practically decrypt @fastly TLS sessions, and they ignore/misunderstand our disclosure for 2 months. Is it really so hard to understand TLS if you are a large CDN???