- Airtel uses 25 middleboxes to block websites in India, a report notes.
- Jio likely uses same way to block sites through SNI, though researchers could not confirm it.
- Researchers claim blocking of sites by Airtel, Jio is similar to Chinese censorship.
Internet users know well that thousands of websites in India, many of them file-sharing or porn sites, are banned in India. Now a report sheds some light on the methods used by Jio and Airtel, which are prominent internet service providers in the country, to block these websites. A report notes that Airtel -- and likely Jio but not confirmed use middleboxes, which are specially-configured routers to resolve website DNS, to block websites in India.
Researchers from the Centre for Internet and Society (CIS) traced 25 middleboxes that are used to block websites to Airtel. As per the report, both Airtel and Jio rely on Server Name Indication (SNI), a website identifier on a server, to carry out the blocking.
The report in Medianama cited a blogpost by Gurshabad Grover and Kushagra Singh, who attributed 25 middleboxes to Airtel that were censoring internet traffic. They first got its IP address and mapped it against a public database of IP addresses. From there, they could identify 25 middleboxes that were registered to Airtel.
It is worth noting that in blocking websites Airtel and Jio are only following the government directives. Order to block a website in India comes from the Department of Telecom, and internet service providers have to comply with it. Though it is another matter that these orders are not publicly available and there is no way for the Indian users to know whether blocking of a website is done because of a valid reason or if it is done just because someone somewhere decided that some websites should be banned in India.
Blocking of websites in India is not new. Over the years we have seen again and again a number of websites getting blocked for a number of reasons, including on the basis of court-issued John doe orders.
However, the latest report makes it clear that unlike the rudimentary website blocking done on the basis of banned domain name lists earlier, now Airtel and Jio are employing more sophisticated blocking measures, similar to the ways and tools used by China to block thousands of websites.
Majorly it seems that Airtel and Jio rely on Server Name Indication (SNI) to identify the requested website and then block it in case the website is in the list of banned sites in India. In case a user tries to access this website, he or she gets "PR_CONNECT_RESET_ERROR". For example if a user tries to access Torrentz2 website, they will get the following error.
Through using SNI-based blocking, Airtel and Jio can also ban the HTTPS websites. This is because SNI is not encrypted and it reveals details of which website is going to be accessed, even if HTTPS prevents internet service providers from figuring out what a user is doing on a secure account. To counter these web browsers, most notably Mozilla Firefox, have started implementing eSNI, which is encrypted, but for now, the feature remains experimental for all practical purposes.
"Users trying to access websites usually contact the ISP's DNS directory to translate a human-parseable address like xyz.com to its network address," the researchers noted. "Some ISPs in India, like BSNL and MTNL, respond with incorrect network addresses to the users' queries for websites they wish to block."
Then they highlighted that ISPs like Airtel and Jio use the SNI method. "ISPs like Jio, Airtel and Vodafone monitor this field for names of websites they wish to block, intercept such requests, and return anything they wish as a response," the researchers noted in their blog post.
While researchers were able to identify middleboxes used by Airtel, they could not identify such routers for Jio with 100 per cent confidence. This, they noted, was likely because Jio has configured middleboxes using proxy servers.