Add urls blocked in Spain related to Catalan referendum

[PabloCastellano]

Since last week, the Spanish government has been running after websites hosting information about the Catalan referendum that will be hold next 1st October. They started blocking the main website referendum.cat by forcing Spanish operators to hijack the domain name:

$ host referendum.cat
referendum.cat is an alias for paginaintervenida.edgesuite.net.
paginaintervenida.edgesuite.net is an alias for a1836.b.akamai.net.
a1836.b.akamai.net has address 2.16.65.170
a1836.b.akamai.net has address 2.16.65.152

At the beginning an error was shown because they didn't configure properly the webserver to handle the redirection. Now it shows the following image:

The day after it happened, someone uploaded the content of the website to github (https://github.com/GrenderG/referendum_cat_mirror) and more mirrors have appeared online.

Again, they have been running after these mirrors to the extent that they have blocked the whole gateway.ipfs.io domain.

A list of the blocked domains (may be incomplete) can be found here
1-o_catalan_referendum_blocked_websites_in_spain.txt

The virtual harassment has been paralleled with physical harassment. Read what EFF wrote about it at https://www.eff.org/deeplinks/2017/09/cat-domain-casualty-catalonian-independence-crackdown

Also interesting reading about technical measures taken beforehand to prevent DDoS and censorship: https://medium.com/@josepot/is-sensitive-voter-data-being-exposed-by-the-catalan-government-af9d8a909482

[bassosimone]

I have discussed this with @PabloCastellano on Slack and IRC, and it seems this domain is seized globally, as I am obtaining the same results as him from Italy (w/ Telecom Italia):

$ host referendum.cat
referendum.cat has address 2.20.44.167
referendum.cat has address 2.22.126.197
referendum.cat has address 2.22.126.109
referendum.cat has address 2.20.44.196
referendum.cat has address 92.122.241.124
referendum.cat has address 92.122.241.196
referendum.cat mail is handled by 10 paginaintervenida.edgesuite.net.

Going on referendum.cat with my browser also prompts the blockpage to appear.

Also, I do remember @willscott posting screenshots of that on some channel and I guess he was accessing it from a country different from both Italy and Spain.

As such, I guess we can bless this as seized more than as censored.

[bassosimone]

As such, I guess we can bless this as seized more than as censored.

Please, disregard.

Further discussion on IRC clarified that there are many cases of DNS injection for non .cat TLDs and furthermore it seems that there is consensus over adding also referendum.cat to monitor it:

12:44 < sbs> yeah, so probably, all of them should be included into
          the test-lists except referendum.cat

12:45 <hellais> I would actually say we include all (even the `.cat`) as
          maybe something could happen to the `.cat` tld and it becomes
          again only a country level block

12:45 < sbs> @hellais: ah, yes, that seems a good proactive move! :+1:

[hellais]

Next steps for getting this rolled out are:

• Merge PR New Spain test list (fixes #221) #222
• Push an update to ooni-resources

Within 6 hours all probes in spain should start testing the URL.

It may also make sense, when we release the custom URI scheme on mobile, to send a push notification to users in spain telling them to test for censorship these URLs.

Thoughts?

[hellais]

Keeping this ticket open in case people from the internet have something to add.

[PabloCastellano]

Thanks for the fast response. Keep up the good work you are doing! 🎉

[bassosimone]

It may also make sense, when we release the custom URI scheme on mobile, to send a push notification to users in spain telling them to test for censorship these URLs.

Thoughts?

Yes, let's do that! (I'd also send this notification to other users perhaps in Europe to see the same domains from a different but neighbouring perspective)

[hellais]

ooni-resources update that includes spanish domains is pushed: OpenObservatory/ooni-resources@b648f9d#diff-5f4b127cc6cfd67458eb317348c1f23e.

In no more than 6 hours from now Spanish OONI Probes will start testing these sites 🎉

[hellais]

Pushed another update to ooni-resources that includes 2 more URLs.

[oriold]

They have announced 140 websites blocked, including from political organizations. There must be a list somewhere.

[oriold]

The web or webs of the Catalan organization ANC seem to have been blocked, maybe only in Spain. Worth to have them in the list:
http://antiga.assemblea.cat
https://assemblea.eu
http://www.guardiacivil.sexy

[vjrj]

Not related with the referendum but I see that thepiratebay.org is blocked in Portugal. This is true also for Spain (some providers DNS servers resolves TPB to 127.0.0.1) but is not listed as blocked.

[hellais]

@vjrj thepiratebay.org and thepiratebay.se is already part of the global list (so tested in every country). See: https://github.com/citizenlab/test-lists/blob/master/lists/global.csv#L256

[hellais]

@oriold thanks for this I will look into adding them.

[smola]

@hellais assemblea.cat domain is now fully blocked in Spain.
Just tested: OK from France, blocked from Spain.
Press coverage: https://www.elconfidencial.com/espana/cataluna/2017-10-11/independencia-cataluna-wen-anc-guardia-civil_1459280/

[hellais]

These URLS are in the test list. I am closing this issue, but feel free to open a new one in case we missed something.