Google App Engine Update Makes Evading State Censorship Tougher

Google says the end of domain fronting was a ‘long-planned’ change.

For the past number of years, Google’s App Engine has inadvertently permitted developers to evade internet censors. The loophole came in the form of a practice known as ‘domain fronting’, which let services use the Google network to escape state-level online obstacles.

According to The Verge, the change in the network architecture was first spotted by Tor developers on 13 April.

A spokesperson for the company said the practice had never been an officially supported feature at Google and only worked due to a glitch in its software stack. They added: “We’re constantly evolving our network and, as part of a planned software update, domain fronting no longer works. We don’t have any plans to offer it as a feature.”

How does domain fronting work?

On a basic level, domain fronting is the routing of application traffic through a larger platform in order to mask its true destination. This allows apps and services to bypass some of the censorship practices in places such as China or Russia.

It manipulates the secure HTTPS Web protocol as well as the transport layer security (TLS) standard to trick deep packet inspection systems and firewalls about the real destination of a web request.

The technique has been used by encrypted messaging service Signal, as well as an alleged Russian state-funded malware campaign. A FireEye report from March 2017 gave details of the attack apparently carried out by the APT29 hacking collective.

If the practice was used, governments and ISPs would then be unable to shut down the targeted service without in turn blocking access to the popular Google product suite, and the disguised data requests would have appeared to be headed towards a Google site, rather than a banned platform.

State censorship – a growing problem

This disabling of the domain-fronting feature is being criticised by digital rights bodies. “There’s no ignorance excuse here: Google knows this block will levy immediate, adverse effects on human rights defenders, journalists and others struggling to reach the open internet,” said Peter Micek, general counsel at Access Now.

Nathan White, senior legislative manager at Access Now, added: “We urge Google to remember its commitment to human rights and internet freedom, and allow domain fronting to continue.”

Google search app. Image: mirtmirt/Shutterstock

RECENT NEWS

Reassessing AI Investments: What The Correction In US Megacap Tech Stocks Signals

The recent correction in US megacap tech stocks, including giants like Nvidia, Tesla, Meta, and Alphabet, has sent rippl... Read more

AI Hype Meets Reality: Assessing The Impact Of Stock Declines On Future Tech Investments

Recent declines in the stock prices of major tech companies such as Nvidia, Tesla, Meta, and Alphabet have highlighted a... Read more

Technology Sector Fuels U.S. Economic Growth In Q2

The technology sector played a pivotal role in accelerating America's economic growth in the second quarter of 2024.The ... Read more

Tech Start-Ups Advised To Guard Against Foreign Investment Risks

The US National Counterintelligence and Security Center (NCSC) has advised American tech start-ups to be wary of foreign... Read more

Global IT Outage Threatens To Cost Insurers Billions

Largest disruption since 2017’s NotPetya malware attack highlights vulnerabilities.A recent global IT outage has cause... Read more

Global IT Outage Disrupts Airlines, Financial Services, And Media Groups

On Friday morning, a major IT outage caused widespread disruption across various sectors, including airlines, financial ... Read more