Yesterday, South Korea's overseas line monopolistic ISP 'KT' is start to running a DNS packet Manipulation over Inspection Program in partial of they're lines.
someone says it's just a undersea cable line or just a Equipment issues but Not sure to confirm.
only we confirm is, Half of South Korea Civils experience Particial Packet Drops over HTTPS connections.
no matter what's service is (Webpage, VoIP, Video, PC Games), and no matter what's ISP is(all the 3 ISP using KT's Over Country Cables to lease)
and it's part of further international action of Against Revenge Porn and Intellectual Property Piracy Websites.
(like those give pressure on Tumblr porn move to Twitter kind of)
so, i've test some affected websites for sure.
tested on
/ Windows 10 64bit with FF65
/ Android 7.1 Device with FF66 for Android Beta
/ Android 8.1 Device with FF65 for Android
1. in usual case like 'without any custom DNS setting and using 3 ISP's DNS in korea',
all the DNS Packet are manipulated and not secure so webbrowser showing us 'Secure Connection Failed' in all the HTTPS url.
2. so this time try with custom DNS like 1.1.1.1 or 8.8.8.8 kind of 'Support DNS over HTTPS' ones without Encrypted SNI,
now sometimes connection is in, sometimes not.
mostly first connection is failed and have to try some more on each indivisual url connections
to succed to connect but won't be use properly in general usages.
3. we are know Current AdGuard Filtering Engine doesn't support on Encrypted SNI related thing YET but will support in future.
so i've try test on 1.1.1.1 App for Android from CloudFlare Official, set with DNS over TLS mode, not the DNS over Https Mode, Set the Encrypted SNI to ON from Firefox's About:Config page.
now you can check the both DoH and DoT status from 1.1.1.1 Connection Information page
https://1.1.1.1/help
now all the connections trough secure packet seems works fine.
as expected, Current DNS change trough AdGuard, select to DNS Crypted server can't solve this issue.
i'm not try fully proper test on former 'DNSSEC' connection method but as i've seen it won't be pass this packet manipulation i guess.
test result is simple, current Encrypted SNI to using DNS over TLS can avoid current DNS Packet Inspect and Manipulation Program, just using DNS over Https is leaked and filteredable from ISPs.
it's not a Major Social issues in Korea yet, but South Korea is almost 98% percentage of Smartphone usage rate one.
sooner or later it will be issues in social crowds, it will become opertunity to AdGuard products and services.
before ready on those functional in AdGuard, or at least modify AdGuard to work harmony with CloudFlare's 1.1.1.1 Application, advertise or announcement of AdGuard's work & ready on SNI thing for targetting customers in Highly Surveilenced Nations would be good i think.
someone says it's just a undersea cable line or just a Equipment issues but Not sure to confirm.
only we confirm is, Half of South Korea Civils experience Particial Packet Drops over HTTPS connections.
no matter what's service is (Webpage, VoIP, Video, PC Games), and no matter what's ISP is(all the 3 ISP using KT's Over Country Cables to lease)
and it's part of further international action of Against Revenge Porn and Intellectual Property Piracy Websites.
(like those give pressure on Tumblr porn move to Twitter kind of)
so, i've test some affected websites for sure.
tested on
/ Windows 10 64bit with FF65
/ Android 7.1 Device with FF66 for Android Beta
/ Android 8.1 Device with FF65 for Android
1. in usual case like 'without any custom DNS setting and using 3 ISP's DNS in korea',
all the DNS Packet are manipulated and not secure so webbrowser showing us 'Secure Connection Failed' in all the HTTPS url.
2. so this time try with custom DNS like 1.1.1.1 or 8.8.8.8 kind of 'Support DNS over HTTPS' ones without Encrypted SNI,
now sometimes connection is in, sometimes not.
mostly first connection is failed and have to try some more on each indivisual url connections
to succed to connect but won't be use properly in general usages.
3. we are know Current AdGuard Filtering Engine doesn't support on Encrypted SNI related thing YET but will support in future.
so i've try test on 1.1.1.1 App for Android from CloudFlare Official, set with DNS over TLS mode, not the DNS over Https Mode, Set the Encrypted SNI to ON from Firefox's About:Config page.
now you can check the both DoH and DoT status from 1.1.1.1 Connection Information page
https://1.1.1.1/help
now all the connections trough secure packet seems works fine.
as expected, Current DNS change trough AdGuard, select to DNS Crypted server can't solve this issue.
i'm not try fully proper test on former 'DNSSEC' connection method but as i've seen it won't be pass this packet manipulation i guess.
test result is simple, current Encrypted SNI to using DNS over TLS can avoid current DNS Packet Inspect and Manipulation Program, just using DNS over Https is leaked and filteredable from ISPs.
it's not a Major Social issues in Korea yet, but South Korea is almost 98% percentage of Smartphone usage rate one.
sooner or later it will be issues in social crowds, it will become opertunity to AdGuard products and services.
before ready on those functional in AdGuard, or at least modify AdGuard to work harmony with CloudFlare's 1.1.1.1 Application, advertise or announcement of AdGuard's work & ready on SNI thing for targetting customers in Highly Surveilenced Nations would be good i think.
