cross-posted from: https://lemmy.bestiver.se/post/770637
Nitter link: https://xcancel.com/hkashfi/status/1995109785679573167

Why are you posting your own version of the exact same screenshot?
Saves a click?
I don’t see a screenshot.
exactly, there is no screenshot and I don’t want anyone to need to go to the website
So the solution to “I use a bad app” is comment spam?
I’d rather my app didn’t interact with twitter without my permission
It’s not. See, don’t have to click a thing. It’s just there. Sorry you use an inferior app. That’s your problem tho. So could you stop spamming the comments? Or get an app that doesn’t handicap you and make it others’ problem? Kthnxbai!

Here’s even the actual OP screenshot that you “can’t see”. Funny how it’s just an image I can save to my phone but somehow you have to “access twitter” and then post your own version of.

Get a better app or stop lying.
Hmm, Voyager seems to have a problem with posts that are cross-post and have a photo. Thanks for pointing that out.
Fuck off. You lied until confronted with proof of your complete bullshit and acted like I was the one wrong and then suddenly “oh huh, must be my app”. That’s what I said from the beginning you fuckwad.
To keep me off Twitter, thank god.
There’s already a screenshot in the OP post. If you can’t see it, that’s the fault of your own app.
Lemmy itself doesn’t allow posting a link and an image together, at least not in the default UI on lemmy.world. Consequently, apps being able to show them together isn’t the go-to expectation.
P.S. Upon reading your comments further below, it’s outstanding what an annoying prick you are.
I was thinking maybe some types of Lemmy apps/clients don’t show it? Mine does but I was giving the commenter the benefit of the doubt.
Once I was trying to find info on my server’s administration policies and including time it. Turns out it wasn’t available in my app at the time, I had to go to the website.
Why with Iran?
Presumably because instead of responding to the request for boobs.jpg with an HTTP 404 error (meaning, “not found”), Iran’s censorship tech returns a 403 error (meaning basically “you are forbidden from accessing this resource”).
The “boobs” are “forbidden” you see; the tech mirrors the ruling party’s moral stance, probably coincidentally. Trying the same curl command in Russia and China will likely just get you a 404 error, so the joke really only works with Iranian servers.
which is slightly less funny. “We couldn’t find the boobs!”
Hey, at least they’re using HTTP codes correctly.
They should change it to 80085 error.
Browsers don’t know how to handle 80085
Neither do most men nowadays.
It’s 403 because they are upfront about the resource being censored as opposed to unavailable, and they tell you who to contact if you have legitimate reasons to access it.
Overwhelming majority of countries don’t do keyword-based blocking, especially not for incoming requests.
My original guess was that they’re intercepting DNS, but since boobs is in the path, it wouldn’t be sent. How does this work?
Right? If it were an unencrypted HTTP GET request, then every router on the way would see the plaintext string boobs in the URL and therefore intercept it.

If I had to guess, Iran has so few landline connections that they man-in-the-middle every TLS connection they can by either forcing every server to hand over their private key files (difficult) or by forcing a certificate authority trusted by default Web browsers (there’s a lot of them) to issue certificates for every top level domain they see in SNI data attached to encrypted packet headers; the latter method need not even require participation by Iranian servers, so long as the traffic is bottlenecked for man-in-the-middle attacks and outsiders don’t question unusual certificate authorities being used.
It’s either
- Client side ssl forward proxy (MitM cert installed on client)
- in-line decryption in the server
- client side software
- tls downgrade
- cert authority compromise
Don’t know if this is entirely accurate, but Wikipedia has an article about it.
They are giving response codes like 403 so it’s not a failure to resolve and I agree it’s not DNS… It’s behaving differently based on different sub pages so it’s something underneath the https encryption. Maybe an intermediary WAF that decrypts? Maybe some weird server side tooling that has govt provided?
I would guess WAF but I’d love to hear from someone who actually knows.
curl -i https://irangov.ir/boobs.jpg # HTTP 200
curl -i https://president.ir/boobs.jpg # HTTP 200
curl -i https://divar.ir/boobs.jpg # HTTP 404
Can’t reproduce. The government websites don’t even handle the error correctly: they give an HTTP 200 and an error page.
Does anyone have an actual working example?
Lol when I first read your screenshot, I thought for a moment they actually served you boobs.jpg from the government and president sites.
But maybe this is disinformation to make people think servers in Iran aren’t?
“Oh boobs.jpg just gives a 404, can’t be in Iran!” (When the server is in Iran)
Buddy doesn’t even say what domain they figured out was in Iran with this “trick”.
So how do I see the boobs
You’ll find them here https://president.ir/en/president/cabinet
I’m lookin at one right now
Also don’t be in Iran
You really need to get out of Iran.
Send bob and vagene
Sorry, they’re in Scunthorpe right now.
You put on your robe and wizard hat
Goddamn old people.
Wait. I get that reference. Does that mean I’m an old people?
xkcd neophytes:
Old men are the future!
I don’t think that’s accurate.
The future is now old men!
Unfortunately. You’ll be in the retirement home before you know it with the rest of us.
I’m looking forward to being in a retirement home. Imagine the LAN parties.
It was annoying as hell trying to download a LaTeX compiler and having the entire word be blocked, presumably because certain degenerates use latex - the material - for immoral acts.
First they came for the boobs…