Last week’s Supreme Court decision in Cox Communications reshaped the piracy liability landscape, creating new urgency for site-blocking.
Last week’s Supreme Court decision in Cox Communications reshaped the piracy liability landscape, creating new urgency for site-blocking.
Use DNS over HTTPS (or TLS or QUIC). I think some browsers use it by default now. If there’s country-specific blocks, use your own recursive DNS server, or one in another country.
Can still be messed with by the Isp not saying dns encrypt is a solution but it will bypass this, not much it can do against direct IP blocking mind you for that you need vpn or a service like tor/i2p.
Does stop the this has been blocked by court order type messages though and does it well.
Not as easily though. It’s like regular HTTPS - if anyone, including the ISP, tries a MitM (man in the middle) attack, you’ll get a security error because the certificate won’t be trusted. The only real way for a MitM attack to be successful is installing a custom root certificate on the client system.
Like you mentioned, IP blocking is harder to bypass, but that’s unrelated to DNS blocking. IP blocking is harder to do if the site uses a CDN like CloudFront, BunnyCDN, Cloudflare, etc though, since a large number of sites use the same IPs.