Two local internet service providers (ISPs), Maxis and TIME, have implemented a transparent DNS proxy, according to transparency and accountability initiative Sinar Project. This implementation redirects DNS queries to Google and Cloudflare public DNS servers, rendering users to no longer access websites blocked by the Malaysian Communications and Multimedia Commission (MCMC).
Based on a test conducted by Sinar Project, both automated and manual testing suggests that Maxis and TIME had implemented the transparent DNS proxy on 5 August 2024. It is alleged that users who configured their internet settings to use alternative DNS servers have reported that they could no longer access MCMC-blocked websites, encountering connection timeout errors instead.
⚠️Censorship Update: Malaysian ISPs Maxis and Time are implementing transparent DNS proxy on Cloudflare (1.1.1.1) and Google (8.8.8.8) public DNS servers, users are no longer able to use these alternative DNS servers to access websites blocked by MCMC https://t.co/B9BFd2plPv
— Sinar Project (@sinarproject) August 6, 2024
The initiative notes that Maxis automatically redirects DNS queries directed to Google Public DNS (8.8.8.8) to its own servers. Similarly, TIME is redirecting DNS queries intended for both Google Public DNS (8.8.8.8) and Cloudflare Public DNS (1.1.1.1) to its own servers. In addition to MCMC blocked websites, other addresses returned from ISP DNS servers can also differ from those returned by Google and Cloudflare.
The findings also claim that test measurements from the Open Observatory of Network Interference (OONI) confirmed that some Malaysian ISPs are implementing a transparent DNS proxy. Data collected through the OONI Probe App by the Sinar Project and volunteers showed DNS blocking and tampering, redirecting queries to MCMC’s IP address (175.139.142.25). Further, the OONI data indicates that while the DNS services appear to be from Google or Cloudflare, they are actually served by the ISPs’ transparent DNS proxies, effectively blocking access to certain websites as mandated by MCMC.
Sinar Project suggests that this redirection poses significant security risks, as users may be redirected to unauthenticated websites and services, leading to potential data interception and other technical issues. Standard DNS queries are unencrypted, allowing requested addresses to be viewed and logged by ISPs.
To counteract this, the initiative is encouraging affected users to enable DNS over HTTPS (DoH) in their browser settings. This encrypts DNS lookups, ensuring they reach the intended servers without interference and providing a warning if tampering is detected.
For Firefox users, you can enable DoH via Settings > Privacy & Security > Enable Max Protection. Chrome users, on the other hand, can enable this by navigating to Settings > Security > enable Use Secure DNS > select a public DNS server such as Google or Cloudflare.
(Source: Sinar Project [1] [2])
Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news.
