
Domain Fronting 101: What is Domain Fronting and How Does it Work?


Jessica Truong (@jtruong)

Interested in security? Follow along for content within Cybersecurity

What is Domain Fronting?

Domain fronting is a technique that involves using different domain names in the Server Name Indication (SNI) field of the TLS handshake and the Host header of the HTTP request.

It is a useful technique to bypass internet censorship, especially in third-world countries. Essentially it hides your traffic to a specific website by masking it as a different domain. It is one of the ways for an attacker to obfuscate their activities.

What is a Content Delivery Network (CDN)?

A CDN refers to “a geographically distributed group of servers which work together to provide fast delivery of Internet content” (Cloudflare). It increases the availability of a webpage to a user based on the information they are requesting and where they are located. 

The following lists examples of different CDNs:

  • Akamai
  • Cloudflare
  • CloudFront

How does Domain Fronting Work? 

A client sends an HTTP request with the actual destination set in the HTTP Host header. The DNS query and the TLS SNI contain one domain (also known as the front domain), while the HTTP Host header, which is hidden from the censor by HTTPS encryption, contains the forbidden destination.

This circumvention technique disguises the true destination of the client’s message by rerouting the data through a content delivery network (CDN). Therefore, from the firewall’s perspective, the HTTPS request appears to be going to a legitimate website when in reality it is going to a malicious site that would usually be blocked. Domain fronting utilizes different domain names at different layers as you will see in the example below.

The DNS request and the TLS SNI appear in plaintext with the front domain, allowed.example. The forbidden domain, forbidden.example, appears only at the HTTP layer, inside the encrypted HTTPS payload, where it is unreadable by the censor.


In order for domain fronting to work, both the malicious website and the legitimate site must be hosted by the same CDN. 

When is Domain Fronting Used?

The following lists some ways that domain fronting could be used:

  • Messaging applications such as Signal and Telegram utilize domain fronting to evade censorship, which allows people in countries with strict internet restrictions, such as China and Russia, to use these applications.
  • Those who live in restrictive countries may use domain fronting to access restricted content.
  • The Tor project used the meek plugin to “implement domain fronting through google.com and other CDNs as a way to evade censorship” (Cyberark). For example, a specific Akamai domain (a248.e.akamai.net) was used by the Tor project to bypass China’s internet restrictions, and was later blocked in China because it was being used to bypass the country’s content filtering controls (Cyberark).

How can Domain Fronting be Abused?

As explained in the earlier section, hackers can use domain fronting to hide their malicious activity behind a legitimate website. For example, APT29, a Russian hacker group, utilized the Tor network to communicate with infected machines and exfiltrate data.

Attackers may also use domain fronting to obfuscate malware command and control (C2) traffic, masking it within the CDN. The malware waits for instructions from the C2 server before it is directed to infect other systems.

How to Protect Against Domain Fronting? 

The best way to defend against domain fronting is to “have a proxy server for all your internet connections leaving your corporate network that is configured for TLS interception” (Henson Security Tools). You can configure the proxy server to ensure that the “http 1.1 header matches the domain that is in the URL” and if the domains don’t match then you can generate an alert (Henson Security Tools). 
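The proxy check described above, as an added example (not from the original article or from Henson Security Tools): it compares the SNI from the ClientHello with the Host header seen after TLS interception and raises an alert on a mismatch. The JSON record layout, the field names, the `allowed_pairs` exception list and the sample lines are constructed assumptions; a real intercepting proxy exports these values under its own names.

```python
import json
from collections import namedtuple

# Constructed sample export from a TLS-intercepting proxy (hypothetical format):
# "sni" is taken from the ClientHello, "host" from the decrypted HTTP request.
SAMPLE_LOG = """\
{"ts": "2021-07-20T10:00:01Z", "client": "10.0.0.5", "sni": "allowed.example", "host": "allowed.example"}
{"ts": "2021-07-20T10:00:02Z", "client": "10.0.0.7", "sni": "allowed.example", "host": "forbidden.example"}
{"ts": "2021-07-20T10:00:03Z", "client": "10.0.0.5", "sni": "Allowed.Example.", "host": "allowed.example:443"}
{"ts": "2021-07-20T10:00:04Z", "client": "10.0.0.9", "sni": "", "host": "forbidden.example"}
{"ts": "2021-07-20T10:00:05Z", "client": "10.0.0.5", "sni": "cdn.allowed.example", "host": "www.allowed.example"}
"""

Alert = namedtuple("Alert", "ts client sni host reason")


def normalize(name):
    """Lower-case a host name and drop any port and trailing dot."""
    name = (name or "").strip().lower()
    if name.startswith("["):  # bracketed IPv6 literal such as [2001:db8::1]:443
        return name[1:].split("]", 1)[0]
    host, sep, port = name.rpartition(":")
    if sep and port.isdigit():
        name = host
    return name.rstrip(".")


def find_fronting(lines, allowed_pairs=frozenset()):
    """Return an Alert for every request whose SNI and Host header disagree.

    allowed_pairs holds (sni, host) tuples reviewed and accepted as benign,
    for example two names of the same site served from one certificate.
    """
    alerts = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        rec = json.loads(line)
        sni, host = normalize(rec.get("sni")), normalize(rec.get("host"))
        if not host:
            continue  # no HTTP request was decoded, nothing to compare
        if not sni:
            reason = "missing_sni"  # cannot be compared, so surface it
        elif sni == host or (sni, host) in allowed_pairs:
            continue
        else:
            reason = "sni_host_mismatch"
        alerts.append(Alert(rec.get("ts"), rec.get("client"), sni, host, reason))
    return alerts


if __name__ == "__main__":
    for alert in find_fronting(SAMPLE_LOG.splitlines()):
        print(alert)
```

Exact-match comparison also flags legitimate sites that serve several host names over one connection, which is why the exception list is reviewed per pair rather than per domain suffix.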

How to Detect Domain Fronting? 

Unsupervised machine learning combined with JA3 fingerprints may be used to detect domain fronting. An unsupervised algorithm learns and recognizes patterns in the dataset it is given. JA3 fingerprints identify the client application and help determine whether or not it is malicious. Because they work on encrypted communications, they are well suited to detecting domain fronting. The fingerprint gives valuable information about the client, making it possible to detect malware based on how it communicates rather than who or what it communicates with.
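How a JA3 fingerprint is derived and used, as an added example (not from the original article): the fingerprint is the MD5 of five ClientHello fields with GREASE values removed, and fingerprints that make up only a small share of traffic are returned for review. The traffic-share threshold is a plain stand-in for the unsupervised model mentioned above; the dictionary layout of a parsed ClientHello and all sample values are constructed.

```python
import hashlib
from collections import defaultdict


def is_grease(value):
    """True for RFC 8701 GREASE values (0x0a0a, 0x1a1a, ... 0xfafa)."""
    return (value & 0x0F0F) == 0x0A0A and (value >> 8) == (value & 0xFF)


def ja3_string(hello):
    """version,ciphers,extensions,groups,point_formats with '-' inside each list."""
    def join(values, drop_grease=True):
        return "-".join(str(v) for v in values if not (drop_grease and is_grease(v)))

    return ",".join([
        str(hello["version"]),
        join(hello["ciphers"]),
        join(hello["extensions"]),
        join(hello["groups"]),
        join(hello["point_formats"], drop_grease=False),
    ])


def ja3_hash(hello):
    return hashlib.md5(ja3_string(hello).encode("ascii")).hexdigest()


def rare_fingerprints(observations, max_share=0.2):
    """Return {ja3: [(client, sni), ...]} for fingerprints at or below max_share."""
    seen = defaultdict(list)
    for client, sni, hello in observations:
        seen[ja3_hash(hello)].append((client, sni))
    total = sum(len(v) for v in seen.values())
    return {h: v for h, v in seen.items() if total and len(v) / total <= max_share}


# Constructed ClientHello field values (decimal, as JA3 expects).
BROWSER = {"version": 771, "ciphers": [4865, 4866, 4867, 49195],
           "extensions": [0, 23, 65281, 10, 11, 35, 16, 5, 13],
           "groups": [29, 23, 24], "point_formats": [0]}
TOOL = {"version": 771, "ciphers": [49200, 49196, 157],
        "extensions": [0, 11, 10, 13], "groups": [23, 24], "point_formats": [0]}


def greased(hello, g):
    """Copy of hello with GREASE value g prepended, as some browsers send it."""
    out = dict(hello)
    for key in ("ciphers", "extensions", "groups"):
        out[key] = [g] + hello[key]
    return out


# Nine browser connections with varying GREASE values, one unusual client.
SAMPLE = [("10.0.0.%d" % i, "allowed.example", greased(BROWSER, 0x0A0A + 0x1010 * i))
          for i in range(9)]
SAMPLE.append(("10.0.0.77", "allowed.example", TOOL))

if __name__ == "__main__":
    for fingerprint, clients in rare_fingerprints(SAMPLE).items():
        print(fingerprint, clients)
```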

The Future of Domain Fronting

In April 2018, Google and Amazon both ceased their domain fronting services. Since then, the rise of TLS 1.3 has brought what could be considered an upgraded version of domain fronting, known as domain hiding. Based on Erik Hunstad’s research, “network monitoring and internet censorship tools are able to be fooled on multiple levels”. You can use the Encrypted Server Name Indication (ESNI) in TLS 1.3 to hide the true destination you are going to on a CDN without the CDN having to utilize the HTTP host header like it would in domain fronting.


Source: https://hackernoon.com/domain-fronting-101-what-is-domain-fronting-and-how-does-it-work-es2v37pr?source=rss

Amb Crypto

3 Factors Which Affect Cryptocurrency Price


Cryptocurrencies are playing an ever greater role in the way we live our lives, including how we spend our free time online. Increasingly, people are logging on to sites like nolimit casino to enjoy the strategy of blackjack, the thrill of roulette and the entertainment of slots, all while funding their enjoyment using cryptocurrency as a form of payment.

But unlike traditional means of currency, crypto is often subject to volatile price fluctuations, meaning that it can be worth significantly more (or less) one day than it is the next. This can make managing a crypto wallet a difficult endeavor for those who favor the payment system when gambling, shopping and browsing online – so how can they stay abreast of the latest developments in the sector and better understand the factors which affect the market? Here’s a quick run through some of the biggest contributors to the rises and falls of cryptocurrency valuations.

Supply and demand

As with any commodity, a cryptocurrency is only worth what others are willing to pay for it. Some, like Bitcoin, have benefited from the fact that there is a finite supply – some 21 million Bitcoins in total, with around only four million that have yet to be mined. This means that the supply will never increase above that figure, even as demand continues to grow. By contrast, Ripple has a cap of 100 billion XRP coins, over half of which had yet to be mined at the time of writing. This surplus of supply means that Ripple is a lot cheaper than Bitcoin – at least for now.

Regulations

Because it’s a very new technology, there is understandably a considerable amount of hesitancy among the investment community when it comes to trading in cryptocurrencies. As they become more commonplace and widely accepted in society, that trepidation is likely to ebb away in the long term – especially if they come to be formally recognized by national governments. Of course, the inverse is also true, as was recently witnessed with the news that China has banned financial institutions and online payment companies from accepting cryptocurrencies earlier this year. The shockwaves from the announcement saw crypto prices come tumbling down around the globe.

Public perception

It isn’t just a country’s official stance on crypto which can have a huge bearing on its value, either. Public perception of a commodity is shaped by a wide variety of factors, including the views and actions of societal leaders. A prominent example of this kind of factor occurred earlier this year, when tech billionaire and CEO of Tesla Elon Musk said that he would be dropping all use of Bitcoin until the technology behind the currency became more eco-friendly. The ramifications of Musk’s announcement not only put a squeeze on the price of Bitcoin, but also had a knock-on effect on the valuations of almost all other cryptocurrencies, as well.

Due to their volatility and unpredictability, cryptocurrencies can represent a risky investment. However, the factors which affect their fluctuation in price can be clearly traced, allowing savvy investors to make informed decisions on when to buy and sell crypto.


Techcrunch

Tumblr debuts Post+, a subscription service for Gen Z creators


As Twitter launches Super Follows, YouTube adds new monetization tools, and Instagram embraces e-commerce, the social media sphere is heating up with new ways for creators to make a living. Now, Tumblr is joining the fray with Post+, the platform’s first attempt at allowing users to monetize their content. Post+ is debuting today in limited beta for an exclusive selection of creators in the US, who were hand-picked by Tumblr.

Like Twitter’s Super Follows, Tumblr’s Post+ lets creators choose what content they want to put behind a paywall, whether that’s original artwork, personal blog posts, or Destiel fanfic. Creators can set the price for their subscriber-only content starting at $3.99 per month, with additional tiers at $5.99 and $9.99. The process of making content under Post+ is the same as any other Tumblr post — all creators will have to do is check a box to indicate that the post is for paying subscribers only, whether that’s a video, audio clip, text post, image, etc.


“Not reserved only for professionals, or those with 10K followers or higher, Tumblr’s Post+ will push the boundaries of what’s considered money-making content on the internet: Shitposters, memelords, artists, fan fiction writers, all of the above and everyone in between will be able to create content while building their community of supporters, and getting paid with Post+,” a Tumblr spokesperson told TechCrunch.

For millennials who live-blogged their reading of the last “Hunger Games” book on its release day in 2010, Tumblr might seem like a relic of the past. Founded in 2007, the platform has gone through plenty of change over the years. In 2013, Tumblr was acquired by Yahoo for $1.1 billion, and then Yahoo was later acquired by Verizon.

But a massive shift came for Tumblr in December 2018, when the platform banned all sexually explicit content and pornography. A month prior, the Tumblr app had been removed from the iOS App Store after child pornography passed through the app’s filtering technology, which led the platform to ban pornography entirely. Four months after the ban, Tumblr’s monthly page views had declined by 151 million, or 29%. Since then, the platform has retained a core userbase, hovering between about 310 million and 377 million page views per month, according to SimilarWeb, though the analytics still indicate a slight downward trend. Tumblr declined to provide its monthly active user numbers, but shared that the platform has over 11 million posts per day and 500 million blogs.

In 2019, the platform was sold to Automattic, the company that owns WordPress. Though Tumblr hasn’t exhibited significant growth since the fateful porn ban, under its new ownership, it’s exploring new ways to generate profit by creating features that appeal to its now younger demographic. According to Tumblr, over 48% of users are Gen Z. These Gen Z users spend 26% more time on the platform than older bloggers, and their average daily usage time is increasing over 100% from year to year.


Source: https://techcrunch.com/2021/07/21/tumblr-debuts-post-a-subscription-service-for-gen-z-creators/


Ecommerce

YouTube to pilot test shopping from livestreams with select creators


YouTube will begin pilot testing a new feature that will allow viewers to shop for products directly from livestream videos. The feature will initially launch with just a handful of creators and brands, the company says, and is an expansion of the integrated shopping experience YouTube began beta testing earlier this year.

That feature was designed only for on-demand videos, and allowed viewers to tap into the “credibility and knowledge” of trusted creators in order to make informed purchases, the company explained at the time. It said it would roll out to more creators over the course of 2021.

More recently, YouTube tested livestreamed shopping with a one-day shopping event focused on small businesses.

YouTube’s video platform, for years, has been a powerful tool for product discovery, as its over 2 billion logged-in users per month turn to the service to watch product reviews, demos, unboxings, shopping hauls, and other content that could inspire future purchases. But creators who wanted to sell from their YouTube videos would often have to promote affiliate links to online stores through the video’s description or in-video elements, like cards or end screens.

In more recent years, YouTube also introduced a merch shelf that would allow viewers to shop a set of specific products the creator selected.

The integrated shopping experience, meanwhile, allows viewers to shop the products shown in the video itself by tapping on a “view products” button, which brings up a list of the items being featured.


This feature allows YouTube to better compete with the growing number of video shopping experiences becoming available from both startups and competitors, including Facebook, Instagram, TikTok, Pinterest, Amazon, and Snapchat. Many of those include support for livestream videos, too.

Over the past year, for example, startups like Bambuser, Popshop Live, Talkshoplive, Whatnot, and others have raised multi-million dollar rounds to invest in their own live video shopping businesses. Meanwhile, Facebook recently launched Live Shopping Fridays to test live shopping within the beauty, fashion and skincare space. And Walmart partnered with TikTok on livestream shopping events on multiple occasions.

YouTube’s own interest in this space has been heating up, as well, as just this week the company announced it was acquiring Indian video shopping app Simsim — an indication of Google’s interest in further integrating video shopping experiences into its own platform. Google also integrated video shopping into its Shopping search business, which included one effort from Shoploop, a video shopping product that graduated from Google’s in-house incubator, Area 120.

The expansion of YouTube’s integrated video shopping experience was announced today alongside other new Google Shopping features, including the addition of a new section that organizes deals and sales on Google’s Shopping tab, which will be free for merchants who want to list.


Source: https://techcrunch.com/2021/07/21/youtube-to-pilot-test-shopping-from-livestreams-with-select-creators/
