have you tried this simple technique to bypass censorship? (programming.dev)

submitted 1 week ago by ghodawalaaman@programming.dev to c/privacy@lemmy.ml

15 comments fedilink hide all child comments

hello,

TLDR: just enable DoH

Today, my friend and I were talking about SNI and deep packet analysis shit done by the government. I insisted that since they do this kind of shit they can block access to certain sites like TPB and other freedom websites. he suggested that I just enable DoH in firefox and see the magic happen. I didn't believe him until I enabled DoH and magic. I can access every censored website.

so just saying that sometimes the bypass is much simpler than we think!

also I am thinking that even if the DNS request is encrypted cant they see the TLS client hello message and block it? or is it impossible?

you are viewing a single comment's thread
view the rest of the comments

[-] RaisinCrazyFool@kopitalk.net 17 points 1 week ago

Yes, everyone should set up DoH (DNS-over-HTTPS) or DoT (DNS-over-TLS). You can do this at the browser level, like you just did in Firefox, or at the OS level.

You can also block ads this way, by cutting off connections to known ad domains before they even start. Mullvad runs a free ad-blocking DoH server anyone can use. See https://mullvad.net/en/help/dns-over-https-and-dns-over-tls for instructions on how to set that up on your OS.

Firefox has also just announced a built-in VPN, which could help get around other types of ISP-level censorship. That's probably the only free VPN I'd trust, personally. Mullvad and Proton are well-regarded paid VPNs if you want to go that route.

[-] eldavi@lemmy.ml 11 points 1 week ago

DoH (DNS-over-HTTPS)

the acronyms in this context are the biggest barrier for people to understand wtf is going on. lol

[-] u9000@lemmy.blahaj.zone 4 points 1 week ago* (last edited 1 week ago)

Proton also has a free tier on their VPN

[-] eldavi@lemmy.ml 1 points 1 week ago

is it available to all proton email users?

[-] Auli@lemmy.ca 4 points 1 week ago

Ad blocking with DNS only works some time.

[-] RaisinCrazyFool@kopitalk.net 3 points 1 week ago* (last edited 1 week ago)

Right. It only works for dedicated ad domains. In practice, that's a LOT of ads.

On Android, it'll block most ads, including full-screen ads, within apps.

In will NOT, however, work with sites like Netflix or Youtube, because those use the same domains for ads as for the actual videos.

this post was submitted on 26 Apr 2026

30 points (96.9% liked)

Privacy

48357 readers

212 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS