How to avoid Airtel MiTMing connections

S

sharktale1212

Skilled
I don't have any feasible alternative in my location other than Airtel. So while I am pissed me about them blocking sites even without court orders. Previously you could avoid it by using HTTPS everywhere and stop them from blocking connections.

Now they seem to have learned this and constantly MiTMing connections to sites using Comodo certificate, the worst of the lot.
What options does one have to stop this?
 
Airtel, Reliance, Tata's and many other ISP's use Websense I think. When the proxy itself is doing MITM, there's hardly anything a customer can do from his end. The only thing we can do is ask TRAI to view this as widespread hacking and not allow it.

Edit: try plugin like ultrasurf.
 
Last edited:
Use a Secure Proxy service. Or setup your own. These dont cost much if you know how to do it. Or go with Ultra surf, DotVPN or other VPN services.

Id suggest get a router with custom firmware, that supports secure VPN connections. Setup the VPN on it and everything you use will be secure and Airtel wont be able to see anything. Make sure you setup everything, including the DNS to be sent securely.
 
The best part is Chrome/FF block their notice as it shows the connection as unsecured even over a HTTPS page. God knows how they came up with this idea. In some cases the site's homepage is blocked but the file links are not so god knows what are they up to.
How does one setup a secure proxy service?
 
Eeps. TE certificate info shows "issued by Comodo" and verified by "Comodo CA" - so that means my connection to TE is MiTM-ed by my Airtel 4G data connection? Same for the other IBF forum (broadbandforum.co website)

Interestingly gmail and hotmail seem to show certs issued and verified by Google and MS respectively. So is there some difference (lacking) in the certs used by some websites that allows Airtel to spoof which they are not able to do for Gmail and Hotmail websites?[DOUBLEPOST=1477898703][/DOUBLEPOST]Not that I'm assuming TE and IBF are being MiTM-ed by Airtel for me, just asking...
 
Last edited:
Google certs cannot be MITMd, so they must be selectively allowing traffic. I will also test this with on my mobile hotspot.

If Comodo has issued the cert, then lets hope that Mozilla and Google take action against them as well - they have done to Wocom and StartSSL.[DOUBLEPOST=1477906522][/DOUBLEPOST]Just checked, TE is using a Comodo cert already.[DOUBLEPOST=1477906999][/DOUBLEPOST]In process of checking, TPB is getting blocked, showing a cloudflare cert, but not loading anything. This is not an issue on my wired ISP. They are doing for selective sites only, and we need to find out why are they blocked.[DOUBLEPOST=1477907484][/DOUBLEPOST]Most of the sites use Cloudflare, so they are showing up with Comodo, I guess. Can you give a list of sites blocked - I would love to check them out.
 
Last edited:
Sorry that came out wrong. I dint mean that Comodo is the big bad evil here even though they have done something like this with their products:
http://blog.emsisoft.com/2015/02/25/privdog-a-comodo-add-on-also-bypasses-ssl-security/

The original TPB, openload etc do have Comodo cert installed. But Firefox is able to see that something is wrong and gives an error "Firefox has blocked parts of this page that are not secure". Clicking on info opens this FF page:
https://support.mozilla.org/en-US/k...-secure-affect-my-safety&utm_source=inproduct

So airtel is injecting content directly into the secure site.
 
Back
Top