- Bernie Sanders wins Nevada Caucuses Saturday 6:54 PM
- MSNBC is out of its mind over Sanders leading Nevada Saturday 5:20 PM
- Kim Kardashian dragged for using makeup to darken her hands Saturday 4:13 PM
- TikTok users show how they turned their vehicles into incredible tiny homes Saturday 3:44 PM
- Woman iconically pranks man who sent her an unsolicited d*ck pic Saturday 2:25 PM
- ‘Terrifying’ deepfake puts Jeff Bezos and Elon Musk in ‘Star Trek’ Saturday 1:06 PM
- A 36-year-old called the cops after being booted from parents’ phone plan Saturday 12:16 PM
- People think novelist Dean Koontz predicted the coronavirus in 1981 thriller Saturday 10:22 AM
- Twitter suspends 70 pro-Bloomberg accounts Saturday 9:15 AM
- In documentary ‘Modern Whore,’ a former escort takes control of her own narrative Saturday 6:30 AM
- Cara Delevingne calls out Justin Bieber for ‘ranking’ wife Hailey’s friends Friday 9:07 PM
- Fans defend Jenna Marbles after some people claimed she mistreated her dogs in a recent video Friday 8:37 PM
- ‘Friends’ gets reunion special on HBO Max, fans go wild Friday 7:37 PM
- Why you should drop everything and start reading ‘Lore Olympus’ Friday 6:27 PM
- ‘Boogaloo’ memes are trying to organize a second civil war—and they’re spreading fast Friday 3:48 PM
An update to the Google App Engine, the platform developers use to create web applications, puts an end to “domain fronting.” The tool, which gave apps the ability to hide their location, was used to circumvent state-wide censorship in countries like China or Egypt.
It worked by using Google’s network as a proxy to feed data through before that data reached the app’s own servers. The search giant’s encryption would then shield anyone from knowing where those requests were going next. If someone was taking advantage of domain fronting, it would appear as though all of their data requests would be going to and coming from Google.com.
This level of anonymity also opens the doors for hackers. Last year, security researchers at FireEye caught “Russian nation-state attackers” using the technique to gain backdoor access to computers.
It doesn’t appear this feature was created intentionally by Google but was rather a byproduct of providing developers the infrastructure required for sending app data. Google confirmed as much in a statement to the Verge, claiming domain fronting has “never been a supported feature at Google” and that it only worked because of a “quirk” in its software.
“We’re constantly evolving our network, and as part of a planned software update, domain fronting no longer works. We don’t have any plans to offer it as a feature,” Google said.
Signal, a messaging app known for its strong encryption, began supporting domain fronting natively in 2016 after it was blocked by Egypt. Along with other anti-censorship apps like GreatFire.org and Psiphon, Signal relied on the App Engine to give users a way to bypass censorship. We have reached out to Signal to find out if it will still offer the tool.
Nathan White of digital rights group Access Now criticized the Google update and urges the company to reinstate domain fronting.
“Google has long claimed to support internet freedom around the world, and in many ways the company has been true to its beliefs,” he told the Verge. “Allowing domain fronting has meant that potentially millions of people have been able to experience a freer internet and enjoy their human rights. We urge Google to remember its commitment to human rights and internet freedom and allow domain fronting to continue.”
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.