Information Warfare · Russia

Activists have used the vulnerability in the Roskomnadzor and now blocking the wrong sites. How does it work?


Andrew Igoshev / Lori Photobank

(Translated from Russian by my Chrome browser)

June 4, some users in Russia have problems with access to the messenger Telegram, and the next three days were not available, and many of the popular public sites – online cinema ivi.ru, “Wikipedia”, “Medusa” and many others. Cause problems lay in the fact that resource owners who have fallen in the register of banned sites (it is Roskomnadzor), took advantage of the vulnerability of the system of monitoring sites and blocking websites – and you have entered into the register of banned sites Resources IP-addresses, which are in the black list is not. “Jellyfish” tells how it happened and who was doing it.

How does this happen?

Roskomnadzor introduced in the register a domain name and IP-address of the forbidden resource. For example, the name – http://grani.ru/, and address – a set of figures, a kind of coordinates of the resource in the global network. To not have to enter each time the address bar of the browser, there is a special database – Domain Name System ( «The Domain Name System», DNS). In her address next to each name recorded.

Owners of any resources on their own prescribed address in front of their domain names, but they will write there, not controlled by anyone. It would seem that such control is not needed: for example, the owners of the domain meduza.io no interest to users who enter their address into your browser, includes, for example, on the site of Roskomnadzor.

However, site owners have found themselves in the black list of Roskomnadzor, began to register in the DNS domain name in front of your third-party IP-address. So they are forced ISPs to block websites that they want.

From vulnerability affects only small providers, since the major has a special system that allows you to not pay attention to what address is registered in DNS. Buying and setting up a system of eight thousand users will cost about a million rubles – the small operators simply can not afford it.

Why do some owners of domains to block addresses of the other?

says one of the activists; He asked to remain anonymous

Subject that can block websites like this, there was a long time – even before any locks, many warned that this scenario is possible. Now someone finally took advantage of vulnerabilities in practice and started the wave. A lot of these locks in the last days – the consequences as a viral effect and systematic work.

Some in the wake of intoxication troll Roskomnadzor and other state bodies, blocking their websites. Others – use the vulnerability as a weapon in the war on Roskomnadzor. The objective of these people (treat them and I) – to complicate the life of everyone who tries to encroach on the freedom of speech and anonymity online. Thus, it is possible to block the service Roskomnadzor servers, and work [department] will difficult to block sites. The objectives are and propaganda resources – site of NTV and others .

I have no coordination. Was the original promise: “There Roskomnadzor and their vulnerability. You know what to do”. Technically, it is very simple. Among the blocked many of those that are released and available for sale domain names. For example, in the area .space names registrar NameCheap cost 80 cents. Register vacant domain, located in the register of banned sites and register in its DNS unwanted resources you need – a hundred, even more. All.

I once bought 18 pieces, then buy another the same. I ordered there “Inspector” system service server, portal “United Russia”. Soon, even the straight line with Vladimirom Putinym, I am sure that someone will enter and the IP-address translation. In general, a lot of applications. You can simply close the Internet for a large part of our citizens.

And by the way, we do not break the law – we simply change the DNS-records. But, of course, just in case we use [anonymous network] Tor.

Advertisements

2 thoughts on “Activists have used the vulnerability in the Roskomnadzor and now blocking the wrong sites. How does it work?

Comments are closed.