Friday, 20 April 2018 05:10

Google removes feature that helps avoid Net censorship Featured


Google has thrown a spanner into the works of developers who have been using domain-fronting in the Google App Engine to avoid Internet censorship by using Google's network.

The company recently made a change in its network architecture and now the workaround is not possible, a report in The Verge said.

The change was spotted first by developers at the Tor Project which develops the Tor browser that is used to browse the dark Web.

In an advisory, they said: "On or about 2018-04-13 16:00:00 UTC, domain-fronted requests for * stopped working. It appears to affect fronting to all domains, not only ours."

Also affected by the Google decision to remove the ability to use domain-fronting are the privacy-focused messaging app Signal, and Psiphon's VPN services, all of which help users to avoid censorship by nation states.

In a statement on 21 December 2016, Signal detailed how it had used Google's support for domain-fronting to get around censorship in the United Arab Emirates and Egypt. iTWire contacted Signal to ask what it would do now, but the company is yet to respond.

Wikipedia explains domain-fronting thus: "(It) is a technique that circumvents Internet censorship by hiding the true endpoint of a connection. Working in the application layer, domain-fronting allows a user to connect to a blocked service over HTTPS, while appearing to communicate with an entirely different site.

"The technique works by using different domain names at different layers of communication. The domain name of an innocuous site is used to initialise the connection. This domain name is exposed to the censor in clear-text as part of the DNS request and the TLS Server Name Indication. The domain name of the actual, blocked endpoint is only communicated after the establishment of an encrypted HTTPS connection, in the HTTP Host header, making it invisible to censors. This can be done if the blocked and the innocuous sites are both hosted by the same large provider, such as Google App Engine.

"For any given domain name, censors are typically unable to differentiate circumvention traffic from legitimate traffic. As such, they are forced to either allow all traffic to the domain name, including circumvention traffic, or block the domain name entirely, which may result in expensive collateral damage."

Asked why the company had made this change, a Google spokesperson told iTWire: “Domain-fronting has never been a supported feature at Google, but until recently it worked because of a quirk of our software stack.

"We're constantly evolving our network, and as part of a planned software update, domain fronting no longer works. We don't have any plans to offer it as a feature.”

According to Google, domain-fronting had never been a supported feature but essentially a workaround. The company claimed that the network change that had been made recently had been planned for about a year

iTWire also asked Google whether this change had anything to do with what appears to be a change in policy at the company that moves away from its initial motto of "Don't be Evil".

Recently, workers at the search giant submitted a letter to senior management to protest against a decision to provide technology to a US Defence Department programme that uses artificial intelligence to interpret video images and assist in targeting enemies in drone strikes.

Google announced recently that it would be providing help to Project Maven, a joint effort with the Pentagon, which uses video imagery in counter-insurgency and counter-terrorism missions. The project aims to develop artificial intelligence to analyse drone footage and identify objects within it

The company denied this was the case, saying that the removal of the domain-fronting feature had nothing to do with Project Maven.

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous