Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
China Censorship Government

China Is Now Blocking All Encrypted HTTPS Traffic That Uses TLS 1.3 and ESNI (zdnet.com) 103

China's Great Firewall "is now blocking HTTPS connections set up via the new TLS 1.3 encryption protocol and which use ESNI (Encrypted Server Name Indication)," reports ZDNet: The block has been in place for more than a week, according to a joint report authored by three organizations tracking Chinese censorship — iYouPort, the University of Maryland, and the Great Firewall Report. ZDNet also confirmed the report's findings with two additional sources — namely members of a U.S. telecommunications provider and an internet exchange point (IXP) — using instructions provided in a mailing list...

The reason for the ban is obvious for experts. HTTPS connections negotiated via TLS 1.3 and ESNI prevent third-party observers from detecting what website a user is attempting to access. This effectively blinds the Chinese government's Great Firewall surveillance tool from seeing what users are doing online.

There is a myth surrounding HTTPS connections that network observers (such as internet service providers) cannot see what users are doing. This is technically incorrect. While HTTPS connections are encrypted and prevent network observers from viewing/reading the contents of an HTTPS connection, there is a short period before HTTPS connections are established when third-parties can detect to what server the user is connecting. This is done by looking at the HTTPS connection's SNI (Server Name Indication) field.

In HTTPS connections negotiated via older versions of the TLS protocol (such as TLS 1.1 and TLS 1.2), the SNI field is visible in plaintext.

This discussion has been archived. No new comments can be posted.

China Is Now Blocking All Encrypted HTTPS Traffic That Uses TLS 1.3 and ESNI

Comments Filter:
  • by ugen ( 93902 ) on Saturday August 08, 2020 @08:51PM (#60381433)

    By doing this they are also helping other agencies, who may be watching the same traffic. Everyone wins.

    • by Tailhook ( 98486 )

      That's a great point. It's still kind of tangential but it wouldn't take much to get to a solid equivalence argument or even put the blame exactly where it belongs; The United States.

      Blame America First!

    • You have a strange concept of "everyone".
    • by dgatwood ( 11270 )

      By doing this they are also helping other agencies, who may be watching the same traffic. Everyone wins.

      Not really. It just means Chinese users no longer have access to any U.S. websites that aren't rich enough to have a dedicated web server with its own IP and, where applicable, a paid Cloudflare plan. The downgrade detection ensures that China can't force browsers to a lower TLS version, and it's not like anyone is going to choose not to upgrade their web server because of something done by the Chinese government. So basically, most of the Internet is going to go dark in China.

      I can't find any current nu

  • by swillden ( 191260 ) <shawn-ds@willden.org> on Saturday August 08, 2020 @08:55PM (#60381441) Journal

    ESNI is a good thing, and it can be very useful when you're connecting to an IP that hosts a lot of virtual servers, or is a reverse proxy for a bunch of different services, but most of the time the IP address of the server tells observers exactly where you're going. I doubt it seriously degrades the Great Firewall's use as a surveillance tool. However, blocking it will likely slow adoption a bit.

    • by Bert64 ( 520050 )

      Often not, when you have large CDNs who put thousands of sites behind the same IPs. It's not practical to give each customer their own IP unless you're exclusively using IPv6.

    • "servers, or is a reverse proxy for a bunch of different services, but most of the time the IP address of the server tells observers" that you're connecting to Cloudflare.

      That's the third piece of the puzzle. Encrypted DNS, TLS 1.3, and a widely used CDN IP (DNS over TLS is technically more sensible, but DNS over HTTPS seems to be where we're headed).

      • Re:Cloudflare (Score:5, Informative)

        by arglebargle_xiv ( 2212710 ) on Sunday August 09, 2020 @12:27AM (#60381757)

        No, it's a third piece of pointless wank: Encrypted DNS does nothing when the very next thing your browser does is go to the address that the DNS lookup was for. It reveals the plaintext of the encrypted DNS query immediately after it gets the ciphertext.

        It's also pretty easy to de-anonymise both ESNI and DoH based on traffic analysis and fingerprinting, there have been a number of papers published on this. The fact that China is blocking TLS 1.3 just means that their MITM proxies can't do 1.3 yet, nothing to do with the fig-leaf that is ESNI.

        • Comment removed based on user account deletion
          • Re:Cloudflare (Score:4, Informative)

            by arglebargle_xiv ( 2212710 ) on Sunday August 09, 2020 @02:09AM (#60381879)

            It reveals the IP address, not the host. Obviously if the host has an exclusive IP address it's as good as the hostname, but for multiple virtual hosts using the same IP address it gives a level of privacy.

            Only if your opponent isn't doing web site/traffic fingerprinting. Which seems unlikely if they're already doing DNS interception. So it's an illusion of security that most likely isn't there. In other words either no-one's watching and you don't need it, or someone's watching and it's not helping much. Sort of like a car seat belt that snaps if it's needed.

            • by mysidia ( 191772 )

              Only if your opponent isn't doing web site/traffic fingerprinting.

              Fingerprinting only causes a small problem. ESNI is not perfect, but is still useful, and it still provides privacy and prevents censorship based on hostname when accessing HTTPS hostnames that have not yet been found out by whomever is doing some sort of fingerprinting.

              If the website is not all that popular, and the people censoring/monitoring are not provided away to enumerate the lists of hosts or domain names on a server... the ce

        • > the very next thing your browser does is go to the address that the DNS lookup was for

          I see that you not only didn't read the post you replied to, you didn't even read the subject line. Let me fix the sentence for you:

          The very next thing your browser does is go to Cloudflare

    • by AmiMoJo ( 196126 )

      Thanks to the widespread use of CDNs the majority of connections are to shared servers now.

    • but most of the time the IP address of the server tells observers exactly where you're going

      Sorry but this is far from true "most" of the time. For "most" of the internet traffic in the world at best you'll find out who the CDN provider is. For much of the rest you'll find who the traditional hosting provider is. The 1-to-1 relationship between a DNS name and an IP address is getting very rare on the internet.

      • The point is that making automatic censorship decisions based primarily on "who the CDN provider is" will cause a country's automatic censorship system to block innocent websites. This makes the Internet less useful to its citizens in such a way as to make its export industry less competitive.

      • by tlhIngan ( 30335 )

        Sorry but this is far from true "most" of the time. For "most" of the internet traffic in the world at best you'll find out who the CDN provider is. For much of the rest you'll find who the traditional hosting provider is. The 1-to-1 relationship between a DNS name and an IP address is getting very rare on the internet.

        Not for long, because we're slowly heading into an IPv6 world, where such things no longer exist. Reusing IP addresses is an IPv4 problem - there's no need to do this stuff when you go to IPv

  • Comment removed based on user account deletion
    • Re:Commie bastards. (Score:4, Interesting)

      by rtb61 ( 674572 ) on Saturday August 08, 2020 @09:34PM (#60381511) Homepage

      I get the impression many countries are looking at what China does and want to emulate it, chief amongst those the USA but they contract it out to tech corporations to get passed the constitution in quite a criminal and corrupt fashion. You know what they say, when in doubt, sneaker net. Beware the internet and ease of being naughty, do not get trapped, do not make mistakes. If you are going to do silly shite, always put backdoor software on your main PC to prove it was hacked and use another portable device to do stuff, booting and running from USB just in case and controlling your main PC, naughty hackers ;D.

    • Re: (Score:2, Interesting)

      by Cyberax ( 705495 )

      I'm sure the Chinese people will defeat this. To hell with the CCP.

      Why would they? Chinese people are pretty much content with the CCP.

      • Bullshit.
        If you are raised naked, in a lightless basement, never taught to walk or speak, and eat out of a dog bowl, you're "content" with that too. We know, because that's exactly what happened at a Romainan orphanage.
        You cannot be not OK with it, if you don't even know what could be. If you're raised into it, it seems "just... normal".

        Now think about all the things you merely grew into, in US society, and as a person in your school and among your parents.
        Note how much you never thought about. Note how you

        • by Cyberax ( 705495 )

          If you are raised naked, in a lightless basement, never taught to walk or speak, and eat out of a dog bowl, you're "content" with that too.

          Such condescension... Do you seriously think that Chinese people have no idea about the West? That a billion people, each with a mobile smartphone, have no idea about the US and other democratic countries?

          Of course they do. Chinese people in general just don't think that democracy is worth the bother.

        • So what you're saying is the GP's post is 100% correct and Chinese people are content with it, and you even provided an example of an atrocity to back up the GP's statement?

          What part of it is bullshit again?

      • Comment removed based on user account deletion
        • Re:Commie bastards. (Score:5, Informative)

          by Cyberax ( 705495 ) on Sunday August 09, 2020 @01:40AM (#60381839)
          I actually do (and I learned Mandarin up to the HSK-5 level). People on Mainland China are generally content with the CCP rule, mostly because they see how it transformed China from a poor starving country into a leading global superpower.
          • Big migration to the cities? Farm mechanization becoming a thing?

            • by tepples ( 727027 )

              Let me try to explain what Cyberax is getting at: "People on Mainland China are generally content with the CCP rule, mostly because they see how it" was successful at organizing a "big migration to the cities" and deploying "farm mechanization".

          • People on Mainland China are generally content with the CCP rule, mostly because they don't understand that despite how non-CCP people in China transformed China from a poor starving country into a leading global power, the CCP has been a massive drag on their lives.

            TFTFY...

            • by Cyberax ( 705495 )

              People on Mainland China are generally content with the CCP rule, mostly because they don't understand that despite how non-CCP people in China transformed China from a poor starving country into a leading global power, the CCP has been a massive drag on their lives.

              Most ordinary people in China basically don't interact with the CCP. It exists but doesn't bother them (and vice versa). So how would that drag be apparent?

              It's also not at all clear that replacing the CCP with something else would help. India had a GDP per capita comparable with China in the early 90-s, and now China has 5x greater GDP. Yet India is a democracy (not the greatest one, but still).

              • The drag of the CCP is from their economic decisions, mostly because they were the ones making them from above, rather than allowing individuals to cooperate and decide. Huge drag early on (with the resulting starvation, etc...), less as they liberalized the economy (in the market sense) under Deng Xiaoping in the 1980s, a bit more again lately as they've made missteps of capital investments and government-run companies making mistakes which have wasted huge amounts of resources (see also "ghost" cities no

                • by Cyberax ( 705495 )

                  The drag of the CCP is from their economic decisions, mostly because they were the ones making them from above, rather than allowing individuals to cooperate and decide.

                  China has been fiercely capitalist at small and medium scale for the last 30 years or so. If you want to open a regular business in China, nobody would stop you (assuming you have Chinese citizenship, of course). China right now has middle class that is comparable (in percentage!) with the US, for FSM's sake!

                  Huge drag early on (with the resulting starvation, etc...), less as they liberalized the economy (in the market sense) under Deng Xiaoping in the 1980s

                  Mass starvation in China ended in mid-1960-s. Most people who are alive in China haven't seen these times or don't remember them.

                  a bit more again lately as they've made missteps of capital investments and government-run companies making mistakes which have wasted huge amounts of resources (see also "ghost" cities no one lives in).

                  These mistakes don't really affect ordinary people. Sure, they might have

      • Really? Why doesn't the CCP hold elections then?

        • by Cyberax ( 705495 )
          They actually do. China has local elections and indirect elections for the regional and federal levels. CCP has its own internal Byzantine system. Most people simply don't care about either one.
    • by gtall ( 79522 )

      I doubt the Chinese people will defeat this anytime soon. There does not appear to be an active opposition in China. As long as the CCP delivers economic benefits, the people appear quiescent.

      Chinese in general seemed to be okay with taking Tibet away from the Tibetans. They don't mind screwing the Uighers. No, they wouldn't like those tactics applied to them, but as long as it is those Other People, they seem perfectly fine with it. They are no better than the Japanese during WWII. The Japanese right now a

    • Well now our President is banning services that he doesn't like, which is unenforceable without doing something like this, so buckle up.
      • He hasn't banned any "services". He's prohibited a couple of companies from doing business with U.S. companies and individuals if they don't divest their U.S. operations so that they are no longer controlled by the Chinese government and Communist Party.

        So there's not need for, nor anyone looking to, do anything on a network level.

  • by oldgraybeard ( 2939809 ) on Saturday August 08, 2020 @09:40PM (#60381517)
    makes me want to upgrade ;)
  • Now all we need to do is immediately deprecate all TLS 1.3 and we have the best of both worlds. Great security for us and avoid the need to section off China, they'll do it to themselves when they block everything.

    • by fabioalcor ( 1663783 ) on Saturday August 08, 2020 @11:48PM (#60381719)

      Now all we need to do is immediately deprecate all NON-TLS 1.3

      FTFY.

      • Now all we need to do is immediately deprecate all NON-TLS 1.3
        FTFY.

        Is there something wrong with TLS 1.2 that renders it not fit for purpose? If the answer is no who it served by reducing agility in the event problems unique to TLS 1.3 are discovered?

    • by dgatwood ( 11270 )

      It's already pretty close to everything. TLS 1.3 has downgrade protection, so browsers issue a security warning if you hit a TLS 1.3-aware site through a downgrading firewall using current versions of... I think all major browsers at this point. So they've already deprecated TLS 1.2 and earlier except when hitting websites that truly don't support TLS 1.3.

      And most websites use ESNI. Mind you, the big websites don't, and as a percentage of traffic, those make up the majority, but as a percentage of sites

      • It's already pretty close to everything. TLS 1.3 has downgrade protection,

        So did earlier versions of TLS. Remember downgrade only ever worked because browsers **INTENTIONALLY BYPASSED** protections already baked into TLS.

        What I found most amusing about the situation is rather than browser vendors simply stop doing this they instead invented an entirely new mechanism that allowed the original abuse of the TLS protocol to persist.

        so browsers issue a security warning if you hit a TLS 1.3-aware site through a downgrading firewall using current versions of...

        In reality the firewall will terminate TLS using a dynamically generated public key from the Chinese trust anchors in your browser or operating system at

        • by dgatwood ( 11270 )

          It's already pretty close to everything. TLS 1.3 has downgrade protection,

          So did earlier versions of TLS. Remember downgrade only ever worked because browsers **INTENTIONALLY BYPASSED** protections already baked into TLS.

          What I found most amusing about the situation is rather than browser vendors simply stop doing this they instead invented an entirely new mechanism that allowed the original abuse of the TLS protocol to persist.

          Well yes and no. TLS prior to 1.3 provided a checksum at the end of the negotiation, but by that time, you've already sent the hostname, so the damage is done. With TLS 1.3, the protection occurs using nonce data embedded in the initial response from the server after the client declares what versions of TLS it supports, so the client can detect the downgrade before that downgrade tricks it into sending the server name in the clear. That's a subtle, but potentially important difference.

          so browsers issue a security warning if you hit a TLS 1.3-aware site through a downgrading firewall using current versions of...

          In reality the firewall will terminate TLS using a dynamically generated public key from the Chinese trust anchors in your browser or operating system at which point talk of "downgrade attacks" will have been rendered moot.

          Well, yes, maybe.

          And most websites use ESNI. Mind you, the big websites don't, and as a percentage of traffic, those make up the majority, but as a percentage of sites, I'm pretty sure that the sites that use ESNI make up the overwhelming majority. The latest number I could find was from a research paper written in 2003, but back then, it was 87%.

          You are confusing ESNI with SNI.

          ESNI is no longer even a thing. It was replaced with more generalized client hello encryption. Any existing use of the old ESNI scheme in the wild will be short lived.

          Ye

  • by Indy1 ( 99447 ) on Saturday August 08, 2020 @10:18PM (#60381603)

    Sounds like every Chinese net user needs to get a VPN account using wireguard, and tunnel all their traffic that way. Can't block every single UDP port, and all wireguard needs to work is one.

    • by Dorianny ( 1847922 ) on Saturday August 08, 2020 @10:26PM (#60381621) Journal
      Vpn use in China is a legal gray-area. Not that it matters much. The legal system is officially an arm of China's CCP party. There isn't even an an attempt to pretend that the legal system is fair and impartial.
      • by Indy1 ( 99447 ) on Saturday August 08, 2020 @10:47PM (#60381663)

        To be fair, their legal system is "You've pissed us off, now we hang you".

        What is going to piss them off more? Using a VPN and they don't know what you're looking at, or visiting some innocent site (i.e. Western news site) that pisses them off?

        Since there are SO many business reasons to be on a VPN, I would suspect if you're connected to a VPN and get questioned about it, there's a chance you will be able to say it was "for business" and they might accept that.

        Or they might shoot you regardless. Never can tell with communists.

  • by BAReFO0t ( 6240524 ) on Sunday August 09, 2020 @01:11AM (#60381815)

    ... I'd use the NSA's immense power, to turn ALL IP adresses that reach the outside of the great firewall into stealth VPNs that allow access to the open Internet, so China would either have to give up or block ALL external traffic, forcing the situation to its logical conclusion. And then run a satellite Internet above them that works without visible dishes. (E.g. either dishes under roofs, or normal-looking antenna.)

    • Comment removed based on user account deletion
      • Detector vans work by listening for the local oscilator from a super-hetrodyne radio receiver. A properly shielded receiver with a directional antenna won't leak any RF at all, meaning undetectable. Sattellite internet does require transmitting an RF signal, however, that could be detected from above using modified drones.
  • At least we know now TLS 1.3 and ESNI can not be cracked right now. Good. Thank to u China for telling usðY'
  • Yes! It's working as designed. This is great news.

    • And this is why Western Intellegence Agencies must work to secure our communications, instead of leaving the flaws in place so they can spy on China/Russia/Iran etc.
  • Why was the SNI ever plaintext in the first place? That seems like a major oversight. Did no one think that would be a privacy issue?

    • The original objective of HTTPS / SSL was for preventing silent man in the middle attack. The developers care more about if the online bank site is intercepted to show false information and/or user got impersonated and send fake instructions. It is such mindset that makes self-signed cert looks more "dangerous" to browser users than websites with totally zero encryption.

      For encrypting the target web address to be useful, DNS over HTTPS or DNS over TLS is required. And even after that, the target web site

    • by fubarrr ( 884157 )

      > Why was the SNI ever plaintext in the first place? That seems like a major oversight. Did no one think that would be a privacy issue?

      One word: Microsoft

    • Why was the SNI ever plaintext in the first place? That seems like a major oversight. Did no one think that would be a privacy issue?

      For the same reason websites ask you for a login and password rather than just a password. Authenticators need to know who they are communicating with in order to authenticate their identity.

      There are of course alternatives:

      1. Trial encryption where you cycle through all known identities and try keys until you get lucky. This is extremely expensive, unrealistic at scale and a magnet for shielding abuse.

      2. Leap of faith (anonymous key agreement) to protect channel while identity is transmitted. This would

  • ESNI has already been replaced with encrypted client hello (ECH) which grabs keys via DNS and is not being blocked by China firewalls.

  • IT's been a week that the 3g/LTE ISPs of Iran have also done the exact thing. I did not figure out why the hell my VPN connections suddenly stopped working, checking the logs it says handshake initiation failed with wireguard. Now that i read this article and did some more research, They began to do the same thing. How long till we become colonized by China i wonder?

You know you've landed gear-up when it takes full power to taxi.

Working...