Through a court-mandated decision, access to Twitter has officially been blocked across all of Turkey. Weather or not this was the right decision; it is evident that people are not happy about it at all. As you already may know, I am originally from Turkey but have been living elsewhere for many years now while following my home countries current events closely.
While different members of Turkey’s government may hold contentious opinions regarding the decision, I will only touch on the technical aspect of the matter.
After the decision was made, the government blocked all DNS resolution for twitter.com for all of Turkey. So what is DNS and how does it work from a high level?
DNS stands for Domain Name Service. It is a mechanism that translates a company’s web server IP address to their registered domain name. Since the IP address is presented in decimal (4 octet/32 bit) it is long and hard to remember. Remembering a name like twitter.com is a lot easier! DNS does this mapping for you.
Since your ISP usually assigns you a DNS server automatically when connecting to the Internet, they control the sites you are able to resolve via DNS. This is basically what happened in Turkey. Before long, people found that by statically assigning their DNS server to a public one, such as Google’s 184.108.40.206, they were able to bypass the block to twitter.com.
This knowledge was then shared via social media and getting around the twitter block was as easy as pie.
Look at this picture of Graffiti on a wall telling people to change their DNS to regain access to Twitter:
So why do people have to enter this new DNS address manually? Well, another convenience protocol called DHCP is the reason. DHCP is an easy way to hand out addresses when clients connect to the network.
This protocol makes provisioning communication via IP much easier than having to tell every client what parameters they must configure to gain access. Because of this automatic provisioning, no one would really need to manually configure a DNS server.
Soon after people realized how to bypass the block, the government decided to just remove all access to Google’s DNS. Since users could continue to change their DNS servers, eventually the government came to the conclusion that the more efficient thing to do would be to just block access to all of Twitter’s IPs.
So what next?
Of course VPN. But what about security issues which might come with VPN. Lets talk this in future post.