This is a sad moment for friends in Turkey, the Government is under the illusion that censoring the media will be able to suppress the thought of those who disagree.
A few days ago Twitter was obscured in Turkey, the popular social media is dangerous and the Arab Spring is the demonstration, these platforms could be used to spread messages instantaneously to a large audience. The Turkish Government decided to ban Twitter after the diffusion of an audio clip about the corruption of Turkey Prime Minister Erdoğan through YouTube and Twitter. Erdoğan was instructing his son to dispose of large amounts of cash during a law enforcement investigation.
In any dictatorship, regimes take complete control of television and the press, but it is unlikely that they can easily influence the participation of the population in the major social media.
The decision to apply a censorship acting via the DNS of the national ISP was very stupid, because population started using Google’s DNS service, in this way Twitter was easily accessible. Turkish Government decided to make a step forward to definitively ban the “hostile” media, he ordered to block the Google DNS service.
The last Google Transparency Report also referred traffic interruption caused by the Turkish Government as shown in the following image.
Yesterday Google claimed that principal Turkish ISPs, including SuperOnline and TTNet, have set up servers that are masquerading as Google’s DNS service to block the services used by the opponents like YouTube and Twitter.
“We have received several credible reports and confirmed with our own research that Google’s Domain Name System (DNS) service has been intercepted by most Turkish ISPs (Internet Service Providers).” stated Google official statement.
BGPMON published an interesting analysis of what is happening in the country where the Turkish Government is hijacking IP addresses for popular global dns providers.
The traffic is redirected to a bogus route, but instead of null routing IP addressed of banned social media it was hijacked to servers controlled by the Turkish Goverment that are pretending to be legitimate DNS servers.
“These new fake servers are receiving traffic for 188.8.131.52 and other popular DNS providers and are answering DNS queries for the incoming DNS requests. One of the possible reasons for impersonating these DNS providers instead of just null routing traffic to these DNS providers is that they did not want to break Internet connectivity for the significant number of Turkish users that are using these popular DNS servers.” stated BGPMON.
The situation is concerning because with a similar techniques the government could also serve surveillance malware and in the worst scenario he could be interested to track and persecute the single citizens.I close this post inviting you to give a look to the graph related to the number of Tor users which started to use the anonymizing network after the media repression operated by the Turkish Government, that number is more than doubled evidencing the critic moment for the freedom of expression of Turkist population.
The sad reality is that Turk Telekom is hijacking the IP addresses of popular DNS servers, intercepting traffic and the consequences could be unpredictable for Turkish population.
(Security Affairs – Turkish Government, Censorship)