Welcome Guest ( Log In | Register )

Outline · [ Standard ] · Linear+

> YouTube Deep Packet Inspection, All HTTP connections being MITMed

views
     
kar2on
post May 2 2013, 05:17 PM

Getting Started
**
Junior Member
284 posts

Joined: Feb 2005


OpenDNS would work against DNS blocks, but this is deep packet inspection. It's Telekom Malaysia looking into your internet traffic and figuring out which facebook page or youtube video you're watching.

The only way around it is encryption (via SSL) or a better way is via a VPN proxy, but most people don't have that.

The other possible solution is to use TOR, which should be a sure-fire way to circumvent these issues.

http://www.keithrozario.com/2013/05/teleko...or-to-ge13.html

I think we need a TOR tutorial here soon.
kar2on
post May 3 2013, 02:56 PM

Getting Started
**
Junior Member
284 posts

Joined: Feb 2005


Not only is deep packet inspection happening, but the latest report from Citizenlabs now points out that the Malaysian government is spying on its citizens....

http://www.keithrozario.com/2013/05/the-ma...spy-fisher.html
kar2on
post May 24 2013, 01:38 PM

Getting Started
**
Junior Member
284 posts

Joined: Feb 2005


Papagomo has been blocked for some time now, and it seems the list of blocked sites is ever growing.

DAP recently lodged a complaint to the MCMC regarding the site blocking, however they're IT manager suggested that TM employed a software suite called Arbor Network Peakflow SP to filter the internet, my research leads me to believe its actually Bluecoat Packetshaper instead.

QUOTE
Bluecoat is currently being used by ISPs in countries like Syria, Burma, Egypt and Saudi Arabia for various reasons, but are these the sorts of countries we want to be associated with? Rubbing shoulders with the worst of the worst–of course to be fair they’re also deployed in Singapore and South Korea, so what is Bluecoat really used for?

There’s a whole bunch of easily obtainable documentation online, where Bluecoat openly boast about their ability to dynamically filter url’s , which is exactly what we see in Malaysia for these DAP sites. One user on the bluecoat support forum, even complained over the fact that he couldn’t block HTTPS traffic, which is again what we see in Malaysia. Further analysis of Bluecoat wireshark logs look remarkably similar to logs posted on the original lowyat posting that triggered this conversation. While I couldn’t find a smoking gun, which is to say how a Bluecoat url block would like from the client side, I think there’s a high chance that TM uses Bluecoat instead of Arbor Network to block urls in Malaysia, just look at a sample of their user manual here.


More info here



 

Change to:
| Lo-Fi Version
0.0394sec    0.09    6 queries    GZIP Disabled
Time is now: 21st May 2022 - 07:33 AM