A German ISP Changed Their DNS to Block My Website
Original: A German ISP changed their DNS to block my website
Key topics
Regulars are buzzing about a German ISP, owned by Telefonica, allegedly blocking a website by tampering with DNS responses, sparking a lively debate on censorship and the future of internet protocols. Commenters riff on the potential of emerging technologies like DNSSEC, DoT/DoH, QUIC, and ECH to evade censorship, with some arguing that these innovations could render ISP-level blocking obsolete. However, others counter that while these protocols can detect censorship, they won't necessarily prevent it, and that more robust solutions are needed. As the discussion unfolds, it becomes clear that the cat-and-mouse game between censors and those seeking to circumvent them is far from over.
Snapshot generated from the HN discussion
Discussion Activity
Very active discussionFirst comment
42m
Peak period
138
0-6h
Avg / period
20
Based on 160 loaded comments
Key moments
- 01Story posted
Aug 24, 2025 at 6:27 AM EDT
5 months ago
Step 01 - 02First comment
Aug 24, 2025 at 7:09 AM EDT
42m after posting
Step 02 - 03Peak activity
138 comments in 0-6h
Hottest window of the conversation
Step 03 - 04Latest activity
Aug 27, 2025 at 6:39 AM EDT
5 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
The issue is that they're not commonly used, and even if that changes, the ISPs can roll out harder-to-bypass censorship methods like SNI inspection or IP blocks.
You can't win the war against corporate censorship and malicious anti-freedom politicians through purely technical means. But you can sure make it much harder for them.
(I'm not sure why I replied here. I guess I'm saying that establishing some kind of mesh network protocol between all cellphones would be a great addition to those other protocols you mentioned.)
Oh but they can, we are suffering this in Spain every weekend the football league plays.
Tons of Cloudflare IPs sent to a blackhole regardless of how many other non relevant websites are behind.
Some business are really angry because they claim their peak hour of the week is during the matches (e.g. wife buying online while husband watch the match)
And they don't deny doing it, they claim they block Cloudflare because they host piracy, child pornography (how would they know, did they search for it specifically?) and other illegal stuff and their response is basically "complain to Cloudflare" or "those blocks affect only 4 nerds [using Github, Cloudflare tunnels, Docker Hub...] so we aren't going to change anything".
DNSSEC gives you the ability to verify the DNS response. It doesn’t protect against a straight up packet sniffer or ISP tampering, it just allows you to detect that it has happened.
DoT/DoH are better, they will guarantee you receive the response the resolver wanted you to. And this will prevent ISP-level blocks. But the government can just pressure public resolvers to enact the changes at the public resolver level (as they are now doing in certain European countries).
You can use your own recursive, and this will actually circumvent most censorship (but not hijacking).
Hijacking is actually quite rare. ISPs are usually implementing the blocks at their resolver (or the government is mandating that public resolvers do). To actually block things more predictably, SNI is already very prevalent and generally a better ROI (because you need to have a packet sniffer to do either).
Of course you will need to configure your DNS server/client to do local validation for this, and at most it'll prevent you from falling for scams or other domain foolery.
The parent comment is also correct that the best DNSSEC can do for you, in the case where you're not relying on an upstream DNS server for resolution (in which case your ISP can invisibly defeat DNSSEC) is to tell you that a name has been censored.
And, of course, only a tiny fraction of zones on the Internet are signed, and most of them are irrelevant; the signature rate in the Tranco Top 1000 (which includes most popular names in European areas where DNSSEC is enabled by default and security-theatrically keyed by registrars) is below 10%.
DNS-over-HTTPS, on the other hand, does decisively solve this problem --- it allows you to delegate requests to an off-network resolver your ISP doesn't control, and, unlike with DNSSEC, the channel between you and that resolver is end-to-end secure. It also doesn't require anybody to sign their zone, and has never blown up and taken a huge popular site off the Internet for hours at a time, like DNSSEC has.
Whatever else DNSSEC is, it isn't really a solution for the censorship problem.
DNSSEC doesn't prevent censorship, but it does make tampering obvious. Moving the point of trust from my ISP to Cloudflare doesn't solve any problems, Cloudflare still has to comply with national law. DoH is what you use to bypass censorship; DNSSEC is what you use to trust these random DNS servers you find on lists on Github somewhere.
A bit over half the websites I visit use signed zones. All banking and government websites I interact with use it. Foreign websites (especially American ones) don't, but because of the ongoing geopolitical bullshit, American websites are tough to trust even when nobody is meddling with my connection, so I'm not losing much there. That's n=1 and Americans will definitely not benefit because of poor adoption, but that only proves how much different kinds of "normal internet user" there are.
https://dnssecmenot.fly.dev/
For everything else, there's I2P and Tor.
An even easier start, just set up unfiltered encrypted DNS on your devices. E.g. Njalla DNS or Mullvad DNS. Or get a good VPN such as Mullvad.
At the same time, keep voting for privacy. And send letters to your politicians!
Pedro Sanchez forced a public investment (€1134 billion) into that company using the SEPI so he can control Telefonica. Then he changed Telefonica president with a socialist pawn, inserted many socialist "elite" into the company, and as a cherry on top, he embedded Huawei inside Telefonica core systems.
Listen, kids, the higher you get into politics, the faster the textbooks (Marx, Smith, and antything in between) get tossed out of a window and drugs, prostitutes and hard power it's what matters.
Better if you don't know how actual politics work, because it that would be pure Realpolitiks. Imagine an 1984 and a Brave New World merded and psychos on top keeping the illusion because of raw power. You have that today.
The closest against to that would be the EFF, Richard Stallman, and hardcore groups and humanists working maybe for pride, but helping the rest of the society as the main social law (Golden Rule).
But we are not ready. We have a 'hardware' from Neolitics and a 'software' from the Space Era... no wonder the are wars and hardcore collisions between ideologies...
Spain concludes purchase of 10% stake in Telefonica https://www.reuters.com/markets/deals/spain-concludes-purcha...
Can you lock millions of users out of Internet? If that's not elite in 2025, who is?
They also mention Movistar, O2, and Vodafone. A systematic violation of the internet's integrity, carried out on the scale of an entire so-called "free" EU(!) country. It's a disaster.
Wait, is that why yesterday internet was so janky? Encountered multiple websites that seemed offline when visited from my home (Spain) Vodafone connection, but all my remote servers could still access them. In my decade+ of living here, never heard of them doing a "Ah today it's Saturday, lets block Cloudflare" thing until this very moment. Have any resources (Spanish or English) where I can read more about this? Fucking ridiculous if this is true.
https://www.eleconomista.es/tecnologia/noticias/13287968/03/...
https://vercel.com/blog/update-on-spain-and-laliga-blocks-of...
https://tebas.tv/
Where did you heard it?
It is not only factually incorrect, every point is just completely wrong: no favorable candidate to Moscow was elected in 2014, US did not worked to undermine democracy and there is absolutely zero evidence of both of these things happened.
This is what RT and other propaganda networks is dangerous, it creates a fake reality which people believe in. Then you act on this knowledge as if it is real.
I think the current shift in acceptance of blocking social media for children is a start and allows us to consider it’s positive and negative effects.
I believe in democracy. If people want to listen to ridiculous and false Russian propaganda or support Russia against Ukraine they should be able to without hindrance, even if their politicians or the better informed don’t like it. It’s their job to persuade their fellows. They shouldn’t get to declare their beliefs are right and beyond democratic contestation.
Sometimes democracies make really bad decisions. Alciabiades conned the Athenians into the disastrous Sicilian Expedition. That’s the tradeoff you get for having a democracy. Declaring some subjects out of bounds is taking away democracy and installing something else instead, with those tradeoffs, that we as a society decided we weren’t going to make, without consensus.
Many of the real problems in society, unfortunately, have no easy solutions and require very substantive evaluation, weighing expert opinions, etc. In the current environment it has become very hard to get a lot of people to even consider these or, if they want, elect someone to do it in their stead.
TLDR: populism + propaganda causes significant dysfunction in democracies, especially ones that aren’t winner-takes-all.
As opposed to your positions. The masses, well, they think wrong, but you, you thought long and hard about everything and you came to the right conclusions.
What's next? Give the right to vote only to the "right" people?
After all, if you can't trust the judgment of the masses because their views are based mainly on emotional reasons then surely you don't think they should have a say in how their country should be run?
These are all the exact same arguments made by regimes like the CCP as to why their authoritarian methods are necessary. It’s all for the public order and the public good as unfortunately, many people are stirred up even against their own interest by meddlers, demagogues, and foreign interests. Fortunately, the CCP knows better, as the Party makes sure that the experts are making decisions based on all the data.
I would prefer to live in a democracy, and it astounds me to see people in the West repeating word for word what Russians and Chinese regime apologists say about their governments, all while explaining it’s all necessary to protect democracy.
Sorry, I'm more confortable with RT being blocked than having another Adolf Hitler screaming their own propaganda.
Screw Russia and China. The Internet blocking committee should probably also block Tiktok while they're at it, as it makes people's brains rot.
When that happens, you won't be happy anymore and you will go on Twitter complaining that your government is turning fascist in a hurry and ask how nobody did anything to stop this.
But you probably think that it's never going to happen because you are one of the good people, not the scum of the earth that dares watching Tiktok.
Is that really a good example? Weimar Germany regularly suppressed and censored Nazi newspapers and publications, shut down hundreds of Nazi newspapers, and even at one point suppressed party gatherings.[1] Obviously, it did not work, and the Nazis used the same laws and precedent to suppress their enemies when they took power, and were able to campaign with statements like "in all of Germany, why are WE silenced?"
You can take two things away from this:
1. Weimar should have suppressed the Nazis EVEN HARDER. Weimar needed an even more stringent censorship regime, shutting down any publication and arresting the editors at the slightest whiff of wrongthink. They should have deployed informers to identify and arrest dissidents before they broke out into the public arena.
OR
2. Weimar Germany was a deeply unpopular and dysfunctional regime that had already failed. Governments should do better to represent the interests of their people so that things never get to that point. The Nazis would never have obtained any power if Germany had been doing well and people felt represented by their government, no matter what kind of crazy propaganda they put out; people don't choose extremism because of propaganda, they become propagandized when they are deeply disaffected. Censorship only further delegitimized the regime and increased the popularity of the Nazis, as it showed they were a threat to the people in power that were perceived to be mismanaging the country.
[1] https://www.thefire.org/news/blogs/eternally-radical-idea/wo...
This is the same argument as for encryption. You can't have encryption only for the good guys and not for the criminals. You either have encryption that protects everyone including criminals or you have no encryption.
In this case, you can't have free speech while advocating for censorship against what you consider to be propaganda.
Either everyone has the right to express themselves, including pro war lunatics or you right to free speech will eventually go extinct because then it's only a matter of time before someone else will use the same argument to start censoring a topic or an idea that you care about and they will do it the with the same zeal as you when you agreed to censor RT.
Yet despite this fact that has been proven time and time again, here we are in 2025 with people like you who applaud censorship.
The good solution would be the educate the population about critical thinking, and to use their brain when they see information.
If you just censor things, you hide the real problems, and end up with dumb people without critical judgment (or no access to information).
It’s very easy to convince anyone to support your cause. Just tell them they are the real victims, that they have been deprived of their rightful privilege, and that it is someone else’s fault. Give them undue credit, take away their inconvenient responsibilities. I promise you, they will have zero motivation to uncover your lies.
We have a collective responsibility to protect the truth - the actual, messy, complicated, real-life truth.
At the end, this political system is about supporting current power who settled by force (and to whom you have to pay a tax to not be sent into physical jail, and all your belongings taken).
Remember that at the beginning, these nice people are actually people who killed to be in place, and collected a lot of power and money, and that are now defending their position.
Kingdoms, then Dictatorship were too unstable, and this gave birth to Democracy, still with the same elites.
In some way, it is a softer continuation of conquest-coercion dressed as consent.
The newest generations use propaganda to settle; the approach changes, but the goal is ultimately the same.
There is a saying: if voting would change things, it is long time that it would have been forbidden
The whole idea of supressing stupidity in a democracy leads to some sort of elitist society.
there's nothing wrong with this. Stable democracies tend to be republican and elitist. One of the reasons why the US has been, until recently, an exceptionally stable country was because decision making was largely insulated from the whims of the public. Democracy properly understood is best used as a tool for legitimacy and as a check against the worst abuses of power, not actually as a tool for decision making.
Having the inmates run the asylum is generally a bad idea, we've known this since Plato.
Except, in the case of RT, it was not justified in an abstract way at all. Consistently "reporting" on stories counter-indicated by all available evidence.
To put it another way, if a judge can imprison a murderer for life as justified by the motive of reducing murders, what's stopping them from imprisoning everyone with no justification at all? Well, in practice the evidence required is quite a hurdle to this.
If you're not arguing that RT is innocent of what it has been accused, then you're arguing against the concept of punitive action outright.
Can you give a concrete example? (Somehow I cannot recall ever seeing one proactively volunteered, in years of people denigrating RT on the Internet.)
> Somehow I cannot recall ever seeing one proactively volunteered
I err on the side of brevity, not seeing a claim that RT's removal was unjust in the comment I was responding to, I felt no need to justify it myself.
Plenty of people have never seen moon hoax theorists' propaganda. They imagine if they see it, they'll quickly see through it for its absurdity. But they're often wrong. Moon hoax theorist's propaganda is actually much better than you think. They can point out lots of "inconsistencies", which do have an explanation, but aren't immediately obvious at all. You see they have experience meeting people like you, but you don't have experience meeting people like them.
I used moon hoaxers as an example because their sophisticated propaganda actually have been exposed and explained a few times, although it still isn't common knowledge why e.g. it seems the exact same rock is right behind an astronaut in two different photos. But that isn't nearly as true for suppressed ideologies. You haven't heard their arguments.
Consider the cost of the sites I listed. Literally, how do you pay these companies? With the monetization of your attention, first and foremost. Good journalism costs money to produce, leaving good journalists unable to be the highest bidder.
If it had been more effective, more people would become very impressed the first time they came across a new to them, consistent (more or less!) narrative universe in which the bad guys are the good guys. Not only that, but their narrative incorporates a bunch of entirely true, verifiable damning truths about "our" side.
I don't have a side in terms of a political entity or official, I'm defending evidence-based action. I genuinely think my life is better because I don't have to defend anyone uncritically, but you're welcome to try and change my mind I guess lol
And yes, I think you have a side, and I think these groups' foreign policies are 1. Very far from being simply "evidence based" and 2. Not in any meaningful sense under democratic control.
Have you ever wondered why so many people actually turn up to vote for Putin in Russia, even though they don't really influence anything by doing so?
I think they have simply decided that it's easier to want what they can have. Learn to like the taste of the only course that's on the menu.
And I also think that attitude is very common in the western world.
There are people who see that as positive, because are used to be extremely careful and conscious of their words. But is a very thin line, where one word can obliterate your life as you know it.
This sparked a discussion about how to handle hate spech, as for regular people being called a dick does not result in a 06:00 am. police raid with six officers.
In the aftermath, a mural in a left wing culture center has been painted over multiple times with the tweet and a call for his resignation [1].
[1] https://www.washingtonpost.com/world/2021/09/09/pimmelgate-g...
[1] https://archive.is/hETjp
[2] https://images.welt.de/67dd7b08559c903aae8287ac/12efd9779a84...
There are literally thousands of cases constantly of different severity, but freedom looks different to me. https://www.zdfheute.de/politik/deutschland/habeck-beleidigu...
The RT ban is not about what RT publishes, you are free to publish their arguments more or less verbatim on your own site without getting sanctioned in Europe (which indeed some people do). The RT ban is about RT being a state owned propaganda network owned by the government thats waging an active war against Europe.
And ... ?
> The RT ban is not about what RT publishes, you are free to publish their arguments more or less verbatim on your own site without getting sanctioned in Europe (which indeed some people do).
https://en.wikipedia.org/wiki/Paradox_of_tolerance
My GAF meter is pretty low for anti-secular groups that shot first. And their own neighbours who were "supposed" to be their allied seem to think the same
There were and are plenty of reasonable groups one could work with, but the genocide is about grabbing land, asserting dominance and exacting revenge, while feeding a victimhood complex that is never able to acknowledge its own mistakes.
Neither Ukraine nor Israel is part of EU or NATO.
Ukraine is most definitely a part of Europe.
Moldova and Georgia and Ukraine, as relates to its aggression in Europe.
Israel definitely should be sanctioned till it stops its war crimes because doing nothing will directly affect us.
Israel should be sanctioned because of the war crimes and the genocide perpetrated by their government, I agree, but that's a different thing.
“Why can’t I play with the kid who is in timeout? Is it because you hate my freedom?”
What do you prefer instead, to make domain registrars enforce sanctions instead of blocking on DNS level? That would quickly make so that no one with Russian passport is able to register a domain no matter how much we are against russia or putin
It's pure hypocrisy coupled with conformity - or rather virtue signalling. Send junk weapons to Ukraine to showcase that you do support the cause, meanwhile keep buying gas the same time go after their propaganda because that looks nice.
In your country if say some public TV would publish hard core porn mid day for children to see, would there be consequences? like fines and license removal? I am sure in civilized countries that TV station will be punished.
Now imagine you have a Ruzzian TV station publishing hard core porn for children to see, how to you punsish them without paid trolls claiming censorship ? Because this si what happens, in Romania Romanian TV station need to respect the Romanian laws , liek for example pay fines and retract any falsehoods and mistakes, but Ruzzians can publish fake documents and videos and if we want them to respect the laws of our countries we it is censorship... blocking faked documents is bad, blocking boobs is good in the land of the free
rt hasn't done this and there are concrete laws against doing this, if rt violated them, they would/should fined/suspended, it's really that simple, do you have any real examples of illegal things they've carried out?
and if you're implying that extrajudicial measures are the only effective method to deal w/ situations like these, then there's an issue w/ the laws
just because censorship is carried out against a cause you don't like, doesn't make it justified, since it's very likely to be used in less benevolent ways in the future
If you are a parent, it is your responsibility to watch your kids and install a porn filter on their computer / tv / phones. It is pointless to have websites to verify that you are old enough, as there always be websites from abroad who will not respect the law, and it forces you to leak your identity (who becomes tied to your IP address).
If you are not happy with propaganda, it is your role and the role of schools to educate people around about how to consume information and look with a critical view.
The Internet used to be cool in the '90 when it wasn't regulated and Meta, Google and Tiktok didn't exist. Now it's all ads, propaganda and hate speech.
Just think about this (which is not 100% correct, but for the sake of discussion): it's probably not meta, google and tiktok. It's the internet peoples who are the source of all that. It's peoples who say hate, who push for ideas they believe in, and they also (surprise!) publish ads! (While google et cetera are just a medium, with lots of moderation, yep.).
The only safer places are heavily moderated hobby related forums with actual people. Anti vaxxing is not a hobby btw.
This is as pointless as saying that is my role as a consumer to test the food that I buy to ensure it is not contaminated with shit, so instead of punishing the companies that have contaminated food we should allow them to sell if even if we know it contains literal shit and instead teach our children in school how to use equipment to test the food.
Sorry for the Ruzzian puppets but soem countries are not retarded and they decided to block the toxic food today and not ignore the victims, as I said in the original comments we have laws and the fact that you are from Ruzzia should not put you above our laws, RT shoudl stay banned until they open a local branch where we can apply the fine to them equaly as we apply to our own media.
Also there are a lot of Ruzzian money wasted on social media to spread actual fake shit, priovable fake shit that I think we need to really go further in identifying the source of behind those fake crap and arrest, fine and sanction the individuals behind that shit, no level of education can just make a person intelligent or make them do investigative work to confirm that some information that he really, really loves is in fact false.
And I know some fascist here will claim that trush is not objective, and my response is that a photoshoped document is 100% fake in all natural logic systems. The strategy used in Romanian presidential campaign by the Ruzzian aligned side was to put faked documents or information on social media then have media people share in on social media and then bringt the faked document in discussion on TV.
So don't cry for the regular idiot they still get their conspiracies and faked information from Ruzzia on social media and sometimes even in the mail, as an example they sent people faked official looking letters that they are getting called to military service to go and fight in Ukraine.
So please freedom of media but there must be consequences for external media not only for local one.
Setting limits on what content can be shown at what times isn’t censorship because you’re not actually censoring content. What you’re doing is setting rules about scheduling content.
The thing I referred to in my previous comment is more of a historical thing before smart TVs and similar tech. Current RF technology is still just an evolution of the same signals sent 70+ years ago. So they’d moderate content via scheduling. “Terrestrial TV” still works that way today.
Right, so my local TV gets fined if they published something fake, like for example they had a news about some bullshit happening in Romania but they were showing a video from a different country, the TV claimed it was stupidity and not manipulation, they got fined.
So I want RT and other media to respect the exact same laws, if they do not want to respect our laws and continue to publish fake shit we block them until they pay their fines and start respecting the laws.
And trust me there is no communism censorship here in Romania, the TV is terrible still , you get tons of commercial to shitty suppliments and gambling, you get politicians presenting their bullshit conspiracies, you get the hosts claiming that Soros is doing everything that is wrong in the country and this days also Macron and France are big villains (because they upset Putin and the Zeds are super, duper butt hurt )), you can see ladies presenting themselves as "doctors in energy-shit-karma-bullshit" and claiming the vaccines caused a giant number of allergies and other crap that she and her company with ehr supplements will sell.
We still let people to be idiots but we need to not be idiots like a society and let paid and organized attacks on our population to continue, and we need to do more against this state organized attacks. (as I mentioned previously but maybe in other comment faked documents were sent by mail to people, this is clearly a state sponsored action, they had names and addresses, they falsified documents and then paid for physical mail delivery to make it look more authentic )
I used to be a hardline freedom of information defender, but we must face the fact that humanity has become way too good at manufactoring opinions and even facts. We're exposed to this threat at all levels, from your local company invading your feed with hidden ads in legitimate tiktok content to nation states influencing your political worldview.
Considering yourself immune to this manipulation is as naive as thinking you don't need vaccines - depressingly, we've far beyond the point where individual protection is enough.
But if you applied it consistently, you'd have to admit that Germany, the US, and many other Western countries also engage in full-blown hybrid warfare, against their own populations.
Just because two things superficially share some traits doesn't mean they are equivalent, at all. "Full-blown warfare against their own populations" is a bit dramatic, don't you think? As a German, I can tell you, while the government doesn't much act to my benefit, I am not exactly at war with them either. Intelligence, military and police don't have the competence or power, either. Most importantly, like in many proper democracies, there is a plurality of opinions and oversight in parliament, which prevents this sort of thing at scale. "Full-blown warfare" would imply a grand conspiracy, that's simply not factual.
Apart from the UK, Hungary and Poland, I think that's true for most western countries. The US is a bit exceptional, of course, since... well, I don't know what the fuck they are smoking there.
For that matter, in most cases where RT has been linked to me, I couldn't see any clear way that the story advanced Russian interests, except perhaps by trying to paint the USA as full of internal social and cultural conflicts. But, frankly, American media does a pretty good job of that, too. (And many of those media outlets have also grossly misrepresented many events relevant to those conflicts — including ones where I know very well that they were misrepresented because I witnessed them first-hand. For example, I watched the Rittenhouse trial live-streamed, and then read media coverage describing something barely recognizable as what I just saw.)
(Besides, it's not like they're trying to hide that "rt" stands for Russia Today.)
The Russian propaganda spends a lot of resources on reinforcing high-minded ideals that provide a scaffolding for the intellectual types to climb on. The suckers and idiots fall for the more odious stuff.
The decision to classify something as propaganda should never be the role of a government, much less blocking it.
But that's something that's close to impossible for continental European cultures to ever understand, at a gut level.
So let me flip the question: if a certain thing is illegal in a jurisdiction, but hosted outside, is it justified to block access to the hosting provider (notably, including Cloudflare and other giants)?
It’s incredibly valuable to understand how the enemy thinks.
Propaganda usually isn't banned, except in specific cases (defamation, hate speech, etc...). But AFAIK, RT is not special in that regard, it is just the kind of content one would expect from a website openly affiliated with Russian authorities.
Once again someone spreading Russian FUD.
280 more comments available on Hacker News