2023-katira-censorwatch
findings extracted from this paper
-
In a comparative analysis of 7,336 websites across 71 ASes, blocklist sizes ranged from roughly 3,000 to 7,000 websites per AS, with differences between ISPs as large as 2,000 websites out of ~8,000 analyzed. Blocklists also varied within single ASes, suggesting misconfiguration or non-uniform middlebox deployment. Only 6,787 of the 7,336 sites were blocked by at least one AS.
-
Only 10 of 64 measured Indian ASes conduct DNS-based blocking, but Atria Convergence Technologies (AS24309) was found performing DNS injection attacks against public DNS resolvers including Cloudflare, Google, and Quad9 — affecting 8.45% of the roughly 3 million DNS measurements collected using those resolvers. DNS blocking is otherwise concentrated in two large providers (AS24309 with 125,154 confirmed blocks and National Internet Backbone / BSNL with 92,653 confirmed blocks).
-
HTTP-based blocking is the dominant censorship technique across Indian ISPs, observed in 64 of 71 measured ASes. However, the authors note it is largely ineffective because over 90% of web connections now use HTTPS, so ISPs cannot inspect the Host header for the vast majority of traffic, and any HTTPS client bypasses HTTP blocking.
-
CensorWatch found that 2,370 of 3,745 websites covered by a 2018 temporary court injunction (which was withdrawn in early 2019) remained blocked by at least one Indian ISP, indicating ISPs do not routinely update blocklists to implement unblocking orders. Additionally, three ASes (Hathway AS17488, YOU Broadband AS18207, RailTel AS24186) continued to block avaaz.org despite an explicit government unblocking order issued on 18 January 2019.
-
SNI-based blocking is deployed by 16 of 64 measured ASes in India, concentrated heavily among the two largest ISPs: Reliance Jio (189,331 confirmed SNI blocks across 504,400 measurements) and Bharti Airtel Telemedia (158,022 confirmed blocks across 540,425 measurements). Smaller ISPs exhibit only marginal SNI blocking, likely as collateral from traffic peering through larger ISP infrastructure.