(On my laptop, I'm just as likely to spend half a day writing a scraper or reverse engineering the javascript and apis to collect a dozen or two urls that I should have just jotted down in my notebook...)
Quad 1/8/9 isn't optimal alternative (too much centralization if everyone uses those by default) but running your own is easy.
It looks like this is possible with Chrome-based browsers using a command line flag (--host-resolver-rules) or in Firefox settings. Is there a better way?
I remember hearing someone complain on HN of their site getting blocked because it shared an IP with an illegal soccer livestream. I can’t imagine they’re doing this to IP blocks owned by CDNs like Fastly, CloudFlare, or CloudFront though. Or are they? Does this regularly break most of the internet for UK customers?
In the case that a blocked site resolved to a Cloudflare IP, it would likely be kicked off of Cloudflare, or geo-blocked for UK users (by Cloudflare).
https://www.ispreview.co.uk/index.php/2025/07/cloudflare-blo...
So why ControlD? Because I don't want to run my own piHole, basically. They maintain ad block lists that you can edit as you see fit to add things or relax things that may cause issues(which you can't do easily with public ad blocking dns servers).
Why ControlD then and not NextDNS? First, because their support was awesome when I had an issue. AFAICT it was the founder actually emailing me back and forth, and it ended up being my ISP's fault, but I only knew that based on research provided to me by support. Secondly, I got a good deal on a 5-year subscription at one point.
Happy to answer any questions, not affiliated but a fan of the service.
Trying to downgrade or strip extensions from any TLS 1.3 connection will simply break the connection.
0: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Ho...
1: https://docs.broadcom.com/doc/symantec-ech-whitepaper (see page 8)
The DNS filter setting on the FortiGate analyzes the DoH traffic and strips out the ECH parameters sent by the DNS server in the DoH response. If the client does not receive those parameters, it cannot encrypt the inner SNI, so it will send it in clear text.
(My phone screen is too small to look through the RFCs right now.)
Edit: actually totally possible but you need build quantum computer with sufficient cubits first =)
(I remember using quantum algorithms to find prime factors 25 years or more ago, using the Quantum::Suppositions Perl module.)
Yes, any given domain name (or as non-technical people would think about it, "website" -- any website) could be "blocked" (re-routed to a non-functioning IP, claimed to not exist, other DNS error or malfunction, ?, ???) at any level of DNS (ISP, Local, Regional, Country, ?, ???)
A question your statement so excellently potentially suggests, is:
What's the true extent of the block?
Is it merely a DNS failure -- or are inbound/outbound packets to an IP address actively suppressed and/or modified to prevent TCP/IP connections? (i.e., The Great Firewall Of China, etc.)
You have "Bad Faith Actors" (let's not call them "governments", "countries", "nation states" or even "deep states" -- those terms are so 2024-ish, and as I write this, it's almost 2026! :-) )
Observation: Let's suppose a "Bad Faith Actor" (local or nationwide, foreign or domestic) attempts to block a website. They can accomplish this in one of 3 ways:
1) DNS Block
2) TCP/IP Block, i.e., block TCP/IP4/6 address(es), address ranges, etc.
3) Combination of 1 and 2.
#3 is what would be used if a "Bad Faith Actor" absolutely had to block the "offending" website, no ifs ands or buts!
But... unfortunately for them (and fortunately for us "wee folk"! :-) ), each of these types of blocks comes with problems, problems for them, which I shall heretofore enumerate!
From the perspective of a "Bad Faith Actor":
1) DNS Block -- a mere DNS block of a single domain name is great for granularity that is, it targets that domain name and that domain name alone, and something like this works great when a given company's products and services are directly tied to their website as their brand name (i.e., google.com being blocked in China), but it doesn't work well for fly-by-night websites -- that's because a new domain name pointing to the old IP address can simply be registered...
2) TCP/IP Address / Address Range Block -- The problem with this approach is that while it is more thorough than a simple DNS block, it may also (illegally and unlawfully, I might add!) block legitimate other users, websites and services and businesses which share the same IP or IP address range!
Think about it like this... A long time ago, all of the mail traffic for AOL (America Online), about 600,000 users or so, was coming from a single IP address. Block that IP address, and yes, you've stopped spam from the single user who is annoying you, but you've also (equal-and-oppositely!) blocked 599,999 legitimate users!
So "Bad Faith Actors" -- are "damned if they use the first method, and really damned if they use the second or third methods"... the first method is easily circumventable for non-brand name dependent websites and web services, while the second and third methods risk causing harm to legitimate users, sometimes huge amounts of them... which should be illegal and unlawful by any country's legal standards...
In other words, Countries should read their own sets of laws(!) before contemplating Internet blocks on their Citizens... :-) And not just one country either, all of them!!! :-)
Anyway, an excellent point!
Very thought stimulating -- as you can see by my ramblings! :-)
https://web.archive.org/web/20161013152120/https://support.c...
Content piracy specific, mostly movies, blocked by public broadcaster orders: https://www.nksc.lt/doc/vasaris/siena-lrtk.txt, https://www.nksc.lt/doc/vasaris/siena-lrtk-2.txt, https://www.nksc.lt/doc/vasaris/siena-lrtk-3.txt
I would be interested in paying a bit more if the ISP is better. In the Netherlands we always had xs4all, nowadays sorta morphed into freedom internet, which was started from a hacker magazine and kept the spirit, fighting surveillance and censorship while offering regular ISP services and then some. I'm not aware that Germany has such a thing so any step in the right direction would make me switch if I can get it (should be fine if it's available via Telekom's public network, we're currently on a virtual operator as well)
Of course I also use Firefox so mostly that just bypasses the system DNS entirely and uses dns over https.
Seriously, thanks for updating that list and the nice instructions to circumvent. (3 clicks with firefox, without the need to install anything or type in anything by hand)
The anti-malware companies won't lobby government to block malware as that would cut into sales of their anti virus/malware.
Which is the correct way to do it (i.e. file a claim if you see someone violating copyright law). This just makes it easier for the ISPs
A.k.a. prosecution under existing legislation.
Meta, Flock cameras, Palantir. It's just a public-private partnership rather than purely state-owned enterprise, like the NSA/CIA/DoD.
In theory we have more distribution of power, but it's still surveillance and control that we have little say in.
December 2024, 31 comments - https://news.ycombinator.com/item?id=42457712
And yet, the entire beginning of the list, no subdomains listed - so are subdomains for them allowed (unless specifically blocked here)?
Not sure what the state of it is now given that commercial streaming replaced a lot of both.
Famous (in Germany) example: https://de.wikipedia.org/wiki/Frommer_Legal (use auto-translate, it's German)
For a lot of Germans who are knowledgable in this topic, being associated with such a company is nearly like openly admitting to have raped children. The hate for these law firms and their employees is extreme.
https://www.theregister.com/2006/01/20/wikipedia_shutdown/
The German Wikipedia site was taken down by court order this week because it mentioned the full name of a deceased Chaos Computer Club hacker, known as Tron. A Berlin court ordered the closure of the site on Tuesday after it sided with the parents of the German hacker, who wanted to prevent the online encyclopedia from publishing the real name of their son. A final ruling is expected in two weeks' time.
https://web.archive.org/web/20090129160045/https://cyberlaw....
By virtue of an interim injunction ordered by the Lübeck state court dated November 13, 2008, upon the request of Lutz Heilmann (Member of Parliament – “Die Linke” party), Wikipedia Germany is hereby enjoined from continuing linking from the Internet address wikipedia.de to the Internet address de.wikipedia.org, as long as under the address de.wikipedia.org certain propositions concerning Lutz Heilmann remain visible.
You may know about Rote Armee Fraktion/Baader-Meinhof-Gruppe. They were a self-proclaimed communist and anti-imperialist urban guerrilla group. They murdered 34 people. A number of these were former Nazi party members that in the 1970s had climbed to powerful positions in West Germany. OTOH, during the war nazi party membership was not exactly optional if you ran a business.
On the other side of the border: While Angela Merkel denies it, I find it extremely improbable that she did not work for Stasi in some form.
This would have been a concrete example, where a government minister abused the system because a tweet annoyed him: https://theweek.com/news/world-news/954635/willygate-german-...
Here's the press release on this:
https://www.bka.de/DE/Presse/Listenseite_Pressemitteilungen/...
tl;dr Since in Germany it is illegal to e.g. make public postings calling for the rape of women or share video footage of women being murdered and tortured for the purpose of entertainment and gloating, one day ahead of International Womens Day police staged a big showy series of raids on individuals doing such things, to make a point and call attention to the issue.
Sounds like an excellent use of my tax money, to be honest, but it was certainly controversial also in Germany.
There’s only one problem. Whos to say you won’t be the next target if the political climate shifts to cracking down on pro-censorship voices like yourself?
Will you think its still a good use of your tax money when the opposition is putting you in a police car for this exact HN comment?
The German society is insanely divided on a lot of (in this case: political) topics. Better avoid making such generalizations.
Yes. As a sibling poster mentioned, this has historical roots. German law recognizes something called "Volksverhetzung", similar to concepts in other national criminal codes in other countries:
https://en.wikipedia.org/wiki/Volksverhetzung
You can probably guess which hot button issue it comes up with in context the most often (if not: Holocaust denial).
Essentially, there was a landmark judgement that certain forms of calling for violence against women publicly can qualify as this, and so may potentially be criminal (this would be decided case by case in an actual trial, of course).
I can completely understand coming from the perspective of the First Amendment US system and having a different opinion on this. As a crude analogy, it's a bit like Americans love their free market while Europeans usually think a bit more regulation of capitalism is a sane thing to do. It's going to be difficult to agree across the pond.
These things exist on a gradient. Note that plenty of other intact democracies are much stricter than Germany, e.g. South Korea where legal action against online hate speech occurs at a far larger volume, and comes together with far more tracking infrastructure and lack of anonymity on the internet (e.g. since everyone has a client cert for online commerce). And you know what? Many South Koreans want internet hate speech and trolling and bullying policed even much harder.
In Germany there is constant, sometimes quite heated debate on the reach of the application of the Volksverhetzung idea. I think that's very good and have had different opinions across various cases.
> Will you think its still a good use of your tax money when the opposition is putting you in a police car for this exact HN comment?
I know the legislative and political processes of my country well enough to know the long process it would take to get there. If I see things slide in the wrong direction, you bet I'll vote or take to the streets on that issue, too.
A country is a process that takes active participation. It's not a black or white thing you settle one time.
The most commonly used index for example:
Some countries have stronger institutions against dictatorships than others but unfortunately we have seen that even the US isn't immune and that slides auch as in Poland and Hungary are possible.
There is always hope that things can turn around (as in Poland even though the road is hard and there are setbacks)
The biggest one being that most newspapers in the EU are state-controlled, Pravda-style, propagandist outlet pushing pro-EU narratives. Once you live across several EU countries and speak several languages, you can see how all the topics are synched and pushing the exact same narrative.
Basically: the EU is very good at producing people repeating that the EU is great.
To me the biggest problem is that the EU Commission is way too busy turning the EU into a totalitarian nightmare instead of trying to compete economically with the US and China. As a result in 17 years China's GDP went from $4 trillion to $20 trillion, surpassing the GDP of the eurozone (which only grew 25%: 25% vs 400%).
That's an abysmal failure and the EU is sinking and it shows anywhere you go to in the EU: cities are becoming shitholes at an alarming speed. And everything is done to try to damage control and prevent people from talking about what is ongoing.
The EU is heading straight into a wall (actually it already hit it).
I want out.
The human and civil rights guaranteed by the US constitution are a complete joke in comparison, and most of them are not guaranteed directly constitution, but by Supreme Court interpretation of vague 18th century law that can change at any time.
Not that courts, legislators, and administrations haven't tried and succeeded in abridging them somewhat in any number of different ways for shorter or longer periods, but the text remains, and can always be referred to in the end. They have to abuse the language in order to abridge the Bill of Rights, and eventually that passes the point of absurdity.
No such challenge in Europe. Every "right" is the right to do something unless it is not allowed.
Is it draconian if no Government entity is involved? And the penalty is unavailability?
I thought draconian implies that the punishment is much too high in relationship to the crime.
Maybe the whole affair is more dystopian rather than draconian: ISPs block access to media even though no law or government asked them to just so they have less hassle with rightholders.
this is called "disinformation"
[1] https://www.aljazeera.com/news/2024/5/13/court-confirms-germ...
[2] https://www.dw.com/en/germany-compact-press-freedom-right-wi...
[3] https://www.foxnews.com/media/germany-started-criminal-inves...
[4] Germany announces wide-ranging plans to restrict the speech, travel and economic activity of political dissidents, in order to better control the "thought and speech patterns" of its own people - https://www.eugyppius.com/p/germany-announces-wide-ranging-p...
Edit as reply to nosianu, because I am "posting too fast":
> Liar. Some demand it - but it is not considered by those with the power to actually do it, not even close.
On Monday, the center-left Social Democratic Party (SPD), which is currently serving as the junior coalition partner in Berlin’s conservative-led government, voted unanimously to begin efforts to outlaw [AfD]. - https://edition.cnn.com/2025/07/06/europe/germany-afd-ban-po...
The Jewish German intelligence chief trying to ban the AfD - https://www.telegraph.co.uk/world-news/2025/12/09/jewish-ger...
I would not call the head of German intelligence and ruling coalition parties "not even close". Kindly save that liar label for yourself.
> The AfD happily participates in state and federal elections and is in the federal parliament (Bundestag).
"Considering" means they haven't done it yet. Some tried, but have not yet succeeded.
It's a neo nazi terrorist group with a political wing!
There are 9 main parties in Germany, AfD doesn't even make top 10…
Your comment is like saying the US is shooting political dissidents, and then referring to Al-Qaida or ISIS.
If you have a source showing AfD organized terrorist attacks, please present it. I could find no such thing.
> There are 9 main parties in Germany, AfD doesn't even make top 10…
In the 2025 elections, the largest party, the CDU, got 28.5% of the vote. The AfD came second with 20.8%: https://en.wikipedia.org/wiki/Results_of_the_2025_German_fed...
So you're simply lying.
Liar. Some demand it - but it is not considered by those with the power to actually do it, not even close. The AfD happily participates in state and federal elections and is in the federal parliament (Bundestag).
Why are you against freedom of speech??
People saying what they want is allowed! No action of that kind was or is taken. AfD and its members continues to participate in normal political life and getting elected, and they continue to participate in TV and media interviews.
What exactly is your complaint? You complain about some people's speech - while claiming to be for freedom of speech! Very peculiar.
If you're arguing that the AfD aren't Nazis, I'm not sure I agree. They're already privately talking about deporting German citizens.
If you are arguing that banning a political party[0] is inherently wrong... sure. I'll agree with you, with one caveat. How do you meaningfully stop people from doing that? Just saying "Well, that would be illegal, so just disobey the illegal order" is not good enough. That's what you do for otherwise normal politicians that fuck up drafting the law[1]. But the people who are doing this shit are malicious. They need to be removed from power or they will just keep trying until they get their way. And that effectively means banning the political party trying to ban everyone else. Only a stand user can beat another stand user. Hence, the constitutional ban on Nazis.
[0] I should not have to explain to people that the Nazis banned other political parties.
[1] see also, the US 1st Amendment, which prohibits laws that restrict speech without specifying any meaningful punishment for politicians that attempt to restrict speech.
So is immigration policy supposed to be irreversible? One side can grant citizenship willy nilly, but undoing their actions is Nazism and illegal? Would not granting those citizenships in the first place also have been Nazism? The bar for branding someone a Nazi is low, and ~80% or more of the allied forces that fought in WWII would be Nazis under today's definition:
https://ia902302.us.archive.org/25/items/us-war-department-f...
https://archive.org/download/the-unknown-warriors/The%20Unkn...
OP thus wants to make fun of those (such as me) who are puzzled by a statement that Germany could be considered a draconian state with regards to freedom of speech. It is hard to engage OP because he likely isn't German and has no personal knowledge and experience at all if any of his speech would be censored in Germany. Calling OP disinformed maybe isn't quite correct, maybe misinformed would fit better.