South Korea will expand its site blocking measures with SNI eavesdropping, so HTTPS sites can be blocked as well. The new measure, which will also affect pirate sites, has generated widespread opposition. While it's more effective than standard DNS
blocking, it's certainly not impossible to circumvent.
When it comes to pirate site blocking, South Korea is one of the most proactive countries in the Asia-Pacific region. Pirate website blocking orders are sanctioned by the Korean Communications
Standards Commission (KCSC), which also oversees other blocking efforts, including those targeted at porn or illegal gambling sites.
While the ISP blockades work well for regular HTTP sites, they are fairly easy to bypass on HTTPS connections,
something most sites offer today. For this reason, the Korean authorities are now stepping up their blocking game. This week the Government announced that it will start eavesdropping on
SNI fields , which identify the hostname of the target server. This allows ISPs to see which HTTPS sites users are trying to access, so these can be
blocked if they're on the Korean blocklist.
The new measures will apply to 895 foreign websites that are linked to porn, gambling or copyright infringement.
The new blocking policy is meeting quite a bit of
resistance locally. A petition that was launched earlier this week has been signed by over 180,000 people already and this
number is growing rapidly. The petition warns that this type of censorship is limiting freedom of expression. At the same time, however, it notes that people will
find ways to bypass the blockades.
SNI eavesdropping and blocking is useless when people use a VPN. In addition, more modern browsers and companies such as Cloudflare increasingly support encrypted SNI (ESNI). This prevents ISPs from snooping on