Dyn’s security director explains how filters can get around the system.
The Turkish government’s move to ban Twitter has not been entirely successful in censoring tweets from Turkey.
The attempted censorship of the social networking site to quash allegations of government corruption, has been circumvented by many Turkish tweeters by using alternative platforms, such as Hootsuite, or adjusting filters.
Chris Brenton, director of security at internet performance specialist, Dyn, said: "While many [people] talk about the political implications or how the Turkish people can get around the ban, there is no good description of why the ban is a technically futile effort."
He explained to CBR how implementing a filter to censor content on a country-sized level is highly problematic:
Domain Name System
When you type into your browser the name of a Web site, DNS takes care of quickly and silently translating that name into an IP address so your computer connects to the correct Web site. This is all done in the background, so most people are not even aware it takes place.
Filtering With DNS
As mentioned above, DNS takes care of translating between words and IP addresses. Most networks run one or more local domain name servers to perform this task. One of the ways you can attempt to filter a domain is to corrupt how these name servers process their requests, effectively hijacking the domain from the perspective of all of the local users relying on that name server.
In the case of Turkey, the government does not necessarily run all of the name servers within the country. They do however have legal jurisdiction over the Internet Services Providers (ISPs) operating within the country’s borders. So Turkey’s first attempt at blocking Twitter was to hijack the twitter.com domain on name servers running within their borders.
Circumventing DNS Filters
The first method of circumventing DNS filtering is probably pretty obvious; simply do not use the name servers that are returning corrupted information. Many individuals within Turkey figured this out and started using Google’s public DNS service.
Turkey’s next response was somewhat expected. When the Turkish government learned that people were using alternate name servers, they began implementing an IP block against those servers.
Filtering by IP Address
When the Turkish government learned that people were using alternate name servers, they began implementing an IP block against those servers. Filtering by IP address is the "big stick" used to block Internet communications.
Circumventing IP Address Filtering
For the average person, IP address filtering is extremely effective. For the tech savvy however, it’s a mere bump in the road, citizens continually find a way to circumvent it.
While both DNS and IP filter can be successfully implemented at the corporate level, they start to break down as the network and user base grows exponentially in size. Attempting to implement filtering at a country level is incredibly problematic.