Comments on: An Eventful Few Weeks in Iran: DNS Tampering, Content-Type Filtering and SSL Blocking on Google the shifting interests of Collin David Anderson. Sat, 02 Mar 2013 18:54:51 +0000 hourly 1 By: cda Sat, 02 Mar 2013 18:54:51 +0000 OpenDNS does have a SSL encrypted DNS service, which should solve the problem, but I would suggest that there should be a deeper concern — which is that HTTP proxies will likely be tampered or surveilled, and, even if your proxy connection is secured with a legitimate SSL setup, it is still likely to be throttled. If you have a host for a proxy server, then you should be able to personally run something at least marginally better, if not a Tor bridge, then an OpenVPN service or SSH SOCKS proxy, perhaps?

By: Kevin Fri, 01 Mar 2013 16:33:55 +0000 Hi, I came across your website through some Googling today. My girlfriend is in Iran right now and I’m trying to get her set up with a way to get around the filter.

I had her using my proxy server and Google’s public DNS, but I came across the same thing you did: DNS requests to blocked websites were still somehow getting interfered with. They’re returning that same IP that you show above:

So, now I see that it’s tampering of the request itself. Now I’m brainstorming how to get around this (without buying VPN anyway)…

I don’t know of any public DNS server that allows secure DNS requests. I suppose I could send her a squid cache of many popular domains, but I don’t know if she could handle setting up squid. Hmmmmm… any ideas?