The South Korean government has announced its intention to begin eavesdropping on SNI (Server Name Indication) in order to extend their blocking efforts on sites that use the HTTPS protocol. Until now, the blocks were imposed through DNS blocking, making it easy for users to bypass and leaving many sites that are otherwise considered illegal unaffected. South Korea aims at 895 foreign domains that contain child pornography, online gambling, and pirated content. As the government states: “The SNI blocking is a method of checking and blocking the target server in the SNI field. It is not related to communication interception and data packet interception.”
SNI sniffing and data capturing will allow the Korea Communications Commission (KCC) to identify the hostname of the target server, essentially getting to know exactly which domains a user is trying to access. The official announcement makes it clear that the country’s seven Internet Service Providers (ISP) are to collaborate in the context of this new blocking action, and that IP and DNS modulation tools will be rendered ineffective against it. This decision, however, was met with opposition by many citizens of South Korea, advocates of internet freedom and users who think that the new measure will bring nothing other than disturbance.
Last year, South Korea's internet censorship system began hijacking DNS queries. Now, it intercepts SNI to find out remote hostname if website uses HTTPS. WTF? Am i living in China? pic.twitter.com/3nkwQWm8Wt
— 열무님 (@mooyoul) February 11, 2019
SNI censorship is based on the fact that the corresponding data is not encrypted, and so the regulatory agencies can figure out the target website. However, and as part of the effort to increase user privacy on all levels, network service providers have rolled out encrypted SNI traffic features (ESNI), so handshakes between the user and the domain stay hidden. Firefox is also planning to add support for ESNI, so bypassing SNI blocks will still be fairly easy, and VPNs will remain a solid option to do just that.
Users who oppose the new measure have started a petition that will remain open for another month and has already gathered the support of 205 thousands of people. Simply put, the petition claims that SNI sniffing will be the beginning of the internet censorship in the country, and that blocks will sooner or later be imposed on people and organizations that are not supportive to the leader or government that happens to incarnate the authority in the country at a given moment (they even compare this development with China internet censorship). The people who signed the petition believe that there’s subjective judgment involved in the blocking and that since the methods of circumvention remain effective against the new measure, it will be a waste of taxes.
Do you think that SNI eavesdropping is the way forward with the fight against piracy and illegal porn and gambling? Let us know where you stand in the comments section below, and don’t forget to share your thoughts on our socials as well, on Facebook and Twitter.