on P1 all videos can be viewed properly, but for security sakes (prevent eavesdropping) i still use a VPN
YouTube Deep Packet Inspection, All HTTP connections being MITMed
|
|
 May 3 2013, 06:56 AM
|
 
All Stars
11,836 posts Joined: Mar 2011 From: Kota Kinabalu, Sabah  
|
|
Quote|
|
|
|
|
May 3 2013, 06:59 AM
|
 
Elite
195 posts Joined: Sep 2006 
|
*from update 5 on my first post*
... Hey, here's a simple test you can do with less than 2 commands on a Linux box + Wireshark : CODE wget http://www.facebook.com/DAPMalaysia  So a HTTP GET request for /DAPMalaysia results in the query taking 109 seconds to respond along with 8 TCP retransmissions (I'm basically getting 0 TCP responses from the server for 109 seconds). Let's see what happens when we request for the exact same URL however we append 1500 bytes of junk URI padding to the end : CODE #!/bin/bash for i in {1..1500} do PADDING=$PADDING"A" done wget "http://www.facebook.com/DAPMalaysia?test="$PADDING .. which results in .. CODE wget "http://www.facebook.com/DAPMalaysia?test=AAAAA... (1500 times)"  Oh? What do you know, no issues at all. Apparently appending an extra 1500 bytes of junk data to every HTTP request in a 'congested' network results in less network congestion. Who would have guessed /s --- My final comments on this issue .. I'm pretty apolitical when it comes to the Internet and networking. The only reason I have to keep testing what some may call PR-friendly URLs is because it seems that the only time we have 'congestion' is when accessing such content.. and the 'congestion' goes away the moment you obfuscate the requests enough. With the resources that the MCMC has available to debug these kind of issues, I'm honestly surprised they haven't figured this out already. The tests we've done here show at the very least there is some kind of HTTP request inspection happening and traffic is being dropped once certain strings have been identified. As Internet users and/or caretakers, we should be against any form of Internet censorship. I leave you with these two articles hosted on the MCMC/SKMM website : http://www.skmm.gov.my/Media/Press-Clippin...sur-fitnah.aspx QUOTE SKMM pantau, sekat blog ada unsur fitnah 03/03/2013, Berita Harian Butterworth: Suruhanjaya Komunikasi dan Multimedia Malaysia (SKMM) akan memantau dan menyekat mana-mana blog yang didapati memuatkan kenyataan berunsur fitnah menjelang Pilihan Raya Umum Ke-13 (PRU-13). Timbalan Menteri Penerangan, Komunikasi dan Kebudayaan, Senator Datuk Maglin Dennis D'Cruz, berkata kebanyakan blog yang disiasat SKMM kebanyakannya mempunyai agenda tersendiri dengan menulis kenyataan yang tidak betul dan cuba berbohong untuk menjatuhkan maruah seseorang. βOleh itu, sempena PRU-13, SKMM diminta memantau dan menyekat mana-mana blog yang cuba menjatuhkan seseorang dengan menulis perkara tidak benar dan mempunyai unsur fitnah, sama ada pada pihak pembangkang atau Barisan Nasional (BN). Kita mahu PRU-13 berjalan aman tanpa sebarang isu,β katanya. Beliau berkata demikian selepas merasmikan Program Kenali dan Mesra Jiran Peringkat Negeri Pulau Pinang di Rumah Pangsa Taman Bagan, di sini semalam. Hadir sama, Ketua UMNO Bagan, Datuk Abdul Latiff Mirasa; Penyelaras BN Bagan Dalam, M Karuppanan dan Penyelaras BN Parlimen Bagan, David Chua Teik Siang. http://www.skmm.gov.my/Media/Press-Clippin...edia-In-Ge.aspx QUOTE MCMC To Monitor, Control Use Of Social Media In General Election 13 To Prevent Abuse 02/03/2013, Bernama BUTTERWORTH, March 2Β (Bernama) -- The Malaysian Communications and Multimedia Commission (MCMC) is looking into suitable methods to monitor and control the use of social media in the 13th general election (GE13). Deputy Information Communications and Culture Minister Datuk Maglin Dennis D'Cruz said this was to ensure that the social media would not be abused by irresponsible quarters to achieve their own political agenda. Last week, Prime Minister Datuk Seri Najib Tun Razak said the GE13 would be the first 'social media election' in the country where internet would be widely used as a campaign tool. The MCMC will monitor all users of social media, regardless of their political beliefs, to ensure peace and smooth running of the GE13, Maglin said after opening the 'Know Your Neighbours' programme organised by Penang Information Department at Taman Bagan flats here Saturday. The deputy minister said the monitoring of the social media was vital as certain quarters were only good at making baseless allegations and spreading lies to gain political mileage, adding that he himself had once fallen victim to such lies and accusations. Maglin said the culture of making baseless allegations and distorting facts among politicians was indeed unhealthy and would only confuse the public, especially the young generation. "They should not be so selfish and lie just for the sake of gaining political mileage because what matters most in politics was to ensure that the people will live in peace and harmony. "Therefore, the public, especially the young voters should be wise enough to do their parts in selecting the right government with vast experience in managing the country, so that their future will be secured. "Don't believe the lies and accusations made by those whose aim is only to create disharmony among the people," he added.  This post has been edited by rizvanrp: May 3 2013, 07:04 AM |
|
|
May 3 2013, 07:10 AM
|
Newbie
0 posts Joined: Dec 2007
|
Totally agree with this. This is what the newer firewall is capable of doing. Application layer based filter which can block the access based on application layer behavior. In this case, it is doing the HTTP header inspection and block it based on that. One worthwhile test is to view it using https://www.youtube.com/
But, those packet capture test that you did is a very good indication that the packet drops are being quietly dropped by something. Great stuff on your test.. Packets doesn't lie  QUOTE(rizvanrp @ May 3 2013, 06:59 AM) *from update 5 on my first post* ... Hey, here's a simple test you can do with less than 2 commands on a Linux box + Wireshark : CODE wget http://www.facebook.com/DAPMalaysia So a HTTP GET request for /DAPMalaysia results in the query taking 109 seconds to respond along with 8 TCP retransmissions (I'm basically getting 0 TCP responses from the server for 109 seconds). Let's see what happens when we request for the exact same URL however we append 1500 bytes of junk URI padding to the end : CODE #!/bin/bash for i in {1..1500} do PADDING=$PADDING"A" done wget "http://www.facebook.com/DAPMalaysia?test="$PADDING .. which results in .. CODE wget "http://www.facebook.com/DAPMalaysia?test=AAAAA... (1500 times)" Oh? What do you know, no issues at all. Apparently appending an extra 1500 bytes of junk data to every HTTP request in a 'congested' network results in less network congestion. Who would have guessed /s --- My final comments on this issue .. I'm pretty apolitical when it comes to the Internet and networking. The only reason I have to keep testing what some may call PR-friendly URLs is because it seems that the only time we have 'congestion' is when accessing such content.. and the 'congestion' goes away the moment you obfuscate the requests enough. With the resources that the MCMC has available to debug these kind of issues, I'm honestly surprised they haven't figured this out already. The tests we've done here show at the very least there is some kind of HTTP request inspection happening and traffic is being dropped once certain strings have been identified. As Internet users and/or caretakers, we should be against any form of Internet censorship and it is fairly. I leave you with these two articles hosted on the MCMC/SKMM website : http://www.skmm.gov.my/Media/Press-Clippin...sur-fitnah.aspx http://www.skmm.gov.my/Media/Press-Clippin...edia-In-Ge.aspx  |
|
|
May 3 2013, 07:24 AM
|
|
Senior Member
608 posts Joined: Jan 2003 
|
QUOTE(rizvanrp @ May 3 2013, 06:59 AM) *from update 5 on my first post* Thumbs up! Great stuff. Your latest test have cleared my doubts on the congestion theory. This is gruesomely bad. Please someone with admin contacts to Google/FB/YT get them to shut all pages down as a protest. FOI!!!!... Hey, here's a simple test you can do with less than 2 commands on a Linux box + Wireshark : CODE wget http://www.facebook.com/DAPMalaysia So a HTTP GET request for /DAPMalaysia results in the query taking 109 seconds to respond along with 8 TCP retransmissions (I'm basically getting 0 TCP responses from the server for 109 seconds). Let's see what happens when we request for the exact same URL however we append 1500 bytes of junk URI padding to the end : |
|
|
May 3 2013, 07:26 AM
|
|
Newbie
0 posts Joined: Dec 2007
|
Let me take back my previous suggestion about using https://
I've just tried to do a fiddler capture and it looks like the player request comes over HTTP even though you started HTTPS connection. |
|
|
May 3 2013, 11:01 AM
|
|
Junior Member
11 posts Joined: Jul 2011
|
Use tor browser, problem settled.
|
|
|
|
|
|
May 3 2013, 11:29 AM
|
Senior Member
525 posts Joined: Nov 2011 From: inside PC
|
watch in dailymotion... they aledi sniff wat we watch.
|
|
|
May 3 2013, 02:15 PM
|
|
Junior Member
18 posts Joined: Apr 2005
|
I just noticed today they have started blocking pro-opposition ads on YouTube. The one I noticed was the Zul Nordin one. Same like the blocked videos, only the first frame and title can be seen. It pauses for about 10-15 secs and then the main video plays.
Incidentally the main video is not GE13 related. |
|
|
May 3 2013, 02:24 PM
|
|
Senior Member
2,239 posts Joined: Aug 2008
|
Hi. Here's another video that they've blocked which is the one from Global-Witness. Also maybe TS should list videos/sites that are blocked in the frontpage?
|
|
|
May 3 2013, 02:56 PM
|
Junior Member
284 posts Joined: Feb 2005
|
Not only is deep packet inspection happening, but the latest report from Citizenlabs now points out that the Malaysian government is spying on its citizens....
http://www.keithrozario.com/2013/05/the-ma...spy-fisher.html |
|
|
May 3 2013, 02:59 PM
|
Senior Member
1,259 posts Joined: May 2012 From: Kaoshiung, Taiwan and Kuala Lumpur
|
QUOTE(freakenstein @ May 3 2013, 02:24 PM) Hi. Here's another video that they've blocked which is the one from Global-Witness. Also maybe TS should list videos/sites that are blocked in the frontpage? yeah, I unable to access it |
|
|
May 3 2013, 03:57 PM
|
|
Junior Member
66 posts Joined: Mar 2013
|
Add another site to the blockade:
http://bm.harakahdaily.net/index.php/berit...an#.UYMWqsqBCSo https works as usual |
|
|
May 3 2013, 04:12 PM
|
Senior Member
9,590 posts Joined: Jan 2008 From: S'wak||KL||SG
|
QUOTE(freakenstein @ May 3 2013, 02:24 PM) Hi. Here's another video that they've blocked which is the one from Global-Witness. Also maybe TS should list videos/sites that are blocked in the frontpage? No issue accessing this.Btw... http://youtu.be/MGlcjG-iloY?t=31m48s They're not "blocking". Right?? |
|
|
|
|
|
May 3 2013, 04:19 PM
|
|
Senior Member
9,590 posts Joined: Jan 2008 From: S'wak||KL||SG
|
QUOTE(kar2on @ May 3 2013, 02:56 PM) Not only is deep packet inspection happening, but the latest report from Citizenlabs now points out that the Malaysian government is spying on its citizens.... http://www.businessinsider.com/countries-w...software-2013-5http://www.keithrozario.com/2013/05/the-ma...spy-fisher.html QUOTE ...a contract from Gamma detailing a $380,000 license to run the software for five months. That's expensive! |
|
|
May 3 2013, 04:30 PM
|
|
Senior Member
2,239 posts Joined: Aug 2008
|
QUOTE(IwanAGP @ May 3 2013, 04:12 PM) Hmm , weirdly enough I wasn't been able to access that at the time when i was posting. |
|
|
May 3 2013, 04:49 PM
|
Senior Member
4,081 posts Joined: Aug 2005 
|
@admin,
could u guys link this to GE13 section? some people dunno how to go through this... tq |
|
|
May 3 2013, 06:41 PM
|
Junior Member
190 posts Joined: May 2005 From: ππ²π±π’π―π°πππ π’ 
|
|
|
|
May 3 2013, 07:24 PM
|
Senior Member
541 posts Joined: Jun 2007 From: Penang
|
QUOTE(squall0833 @ May 3 2013, 03:29 AM) http://www.youtube.com/watch?v=KfA4U8h1_aw im dying to watch this, but cant..γGo By Heartγ- BM version Mandarin version isn't blocked. anyone know a way to watch this? damn u bn.. |
|
|
May 3 2013, 07:36 PM
|
|
Senior Member
9,590 posts Joined: Jan 2008 From: S'wak||KL||SG
|
QUOTE(slier81 @ May 3 2013, 07:24 PM) im dying to watch this, but cant.. For me, if watch the Malay subtitled version on Youtube, it will started loading after 1min but not continuously buffered.anyone know a way to watch this? damn u bn.. Facebook version https://www.facebook.com/photo.php?v=10151552136933116 Enjoy! |
|
|
May 3 2013, 07:40 PM
|
|
Senior Member
541 posts Joined: Jun 2007 From: Penang
|
QUOTE(IwanAGP @ May 3 2013, 07:36 PM) For me, if watch the Malay subtitled version on Youtube, it will started loading after 1min but not continuously buffered. thank you sirFacebook version https://www.facebook.com/photo.php?v=10151552136933116 Enjoy! |
| Change to: |  0.0294sec
 0.25
 5 queries
 GZIP Disabled
Time is now: 9th December 2025 - 03:37 AM |
All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)
Powered by Invision Power Board © 2025 IPS, Inc.