Dan passed away in 2021, rip.
if you search for it its hard to find. his blog is down (hea dead...), and many companies and people talked about it on his behalf to drive traffic (hi duo sec..), so you can see the internet forget, rediscover, and rewrite some history even in a few years.
Except if you bypassed payment and used the service in a manner that was not intended, most likely you were by definition not undertaking "strict adherance" to service terms ?
Huh ?
DNS tunneling is not exaclty something you do "by accident".
And if the person doing it on the flight "did not know" (which, given the text of the blog, I doubt) , then you can bet your botom dollar that the "roommate" that was summoned for remote assistance knew very well what was going on.
I don't know the age of the author, but it almost doesn't matter, sometimes people don't know (lack of knowledge).
A few kids doesnt matter. A few adults is only a problem if it's their stuff (If they are teachers, they will care more about unautorized changes of the wallpaper in the computer of the school that anything in a remote computer.) And yuo can even later claim they misunderstood or you were exagerating.
But here is an in written report in front of thousands of persons and about planes that is a sensitive topic.
Not law per se. More like contractual obligations taken upon by connecting to the flight's WiFi.
Well, being pedantic, you could be said to be breaking Civil Law. :)
Jest aside, IANAL but most western countries have some sort of Criminal Law relating to mis-use of computers.
A brief search for Canada reveals Criminal Code (R.S.C., 1985, c. C-46)[1].
Again IANAL, but from my reading in this scenario it would be (c) -> (a), "uses or causes to be used ... a computer system" to "obtains, directly or indirectly, any computer service".
[1]https://laws-lois.justice.gc.ca/eng/acts/C-46/section-342.1....
The user agreement helps define the service as a paid service with defined access cases. Going around those would put the user in violation of some laws.
An analogy would be showing up to a paid event venue and noticing a back door was left open. Going into the building without paying is not okay, even though you never engaged with the ticket office to agree to anything.
https://web.archive.org/web/20250823174801/https://bobdahack...
For all intents and purposes it is the country of registration of the aircraft.
There are one or two exceptions to the rule, but they would not be applicable in this scenario. Mostly stuff relating to air safety. For example, if the aircraft did something against the aviaition laws of the country being overflown. Or hijackings etc.
IIRC the way it works is that when you land (destination or forced landing elsewhere) the offender is delivered to the local competent authorities.
They then undertake an initial investigation and decide either to exercise their own jurisdiction or undertake extradition proceedings to send the offender to the country of registration of the aircraft.
In a scenario of (attempted)murder, I suspect that it is highly likely it would be dealt with in the local courts unless there was a specific external push for extradition.
The point of the convention is to ensure there is never no jurisdiction, i.e. the country of registration to the aircraft is always there as the ultimate fallback. The wording doesn't seek to strictly define the jurisdiction, which is why in most cases the delivery country has the option to take jurisdiction.
Unfortunately this is also the downside of paying. Many times I have paid for internet, only to find it unusably bad. To be fair, I just flew a transcontinental flight on Air Canada the other day and the wifi was fine.
To prevent chat apps from consuming lots of bandwidth typically your connection is severely bandwidth restricted until you pay. If they didn't then someone could simply stream movies from their chat apps.
For some reason, being fully connected at 50mbps+ on a plane seems more futuristic sci-fi to me than everything AI.
Westjet has required you to use your own device for a long time now (10 years?), but they offer an app/website and streaming library that works for anyone who connects to the in-plane wifi, unrelated to actual access to the internet.
Interesting that they're telling you to use your own streaming app/account now. Did you still have to pay extra for internet access? Was the Westjet streaming app still available?
Therefore, it is either done with least amount of work that is “good enough”, and can be done on a cheapest router (rate limit to the absolute minimum, ban connections to ports 80 and 443, maybe cut the traffic to most stable IP ranges of biggest services, and regular person is going to state that “nothing else works”), or trough very extensive commercial DPI with lots of guessing and ad-hoc rules (if this feature is important for the income, and many will try to game the system). So it's either going to be as simple as in this example, or you'll compete with the global army of detection rule authors.
Though I do like the wink-wink, nudge-nudge choice of proxy software.
That said, many networks did these sorts of things without communicating with WhatsApp. Even without knowing IP ranges. WA traffic is easy to spot. Chat has a destinctive protocol that's neither http, nor https; mms is https with obvious hostnames in SNI; voip looks like voip.
You might be able to trick in-air wifi by looking like WA chat, but I've never been interested enough to check while on a plane. I'd rather use the time to watch awful movies on a tiny screen with terrible audio conditions.
However, just as you make sure that the power supply actually supplies power before dismantling something that refuses to work down to the last washer, repairing network problems should start with the basics. Simple test that does not work, or shows something nonsensical, is a great hint that you forgot something, or should start digging elsewhere.
I've seen technicians get tripped up in troubleshooting thinking that a failed PING tells them more than it does. When the possibility of asymmetric return paths is involved it's always important to remember how little a failed PING actually tells you.
Vernor Vinge had a character who was a "Programmer-Archeologist" on a relativistic starship. Feels more and more prescient as time goes on.
Edit: I wonder if any "enterprise" firewalls do ICMP echo proxying. Having the firewall replace the payload would remove some of the tunneling capability (thought I assume you could still finagle a side channel by just timing the packets) but would also eliminate some of the utility (since being able to craft the payload provides a way to test for specific bit patterns in packets causing problems).
With Starlink things may be looking a bit better, but I think demanding net neutrality on in-flight satellite internet and plane-to-cell-tower internet is excessive.
At a certain provider, all those free logins used the same firewall configuration to only allow traffic to those free services and ISP site, probably for simplicity, so all of them were accessible with any promotional login. Most of them were not useful (to me), but different agreements with ISP resulted in different call time limit until hang-up, 10-15 minutes instead of 3-5.
However, the main treasure was the addition of external page translation service as a feature on some big site. Back then, it was strictly static and server-side, URL in request gave you its HTML source with translated text strings and absolute paths to external resources, so in order for translation to work, users needed to be able to access that third party server, too. Obviously, if you gave it any other URL, the server would also grab it to translate (and choosing least similar language in parameters would leave most of the page text intact).
You can imagine that having a browser supporting tabs and switching media off was very handy for loading as many free web pages in text only form as those dial-up sessions allowed.
Obviously, WWW-to-email services for people who only paid for mail server access had existed even before that.
Escaping locked down networks by tunneling things over DNS is one of these things. We've used it back in 00's to get out of restrictive hotel networks. Not even WiFi, but the actual wired Ethernet ones.
I once merely mentioned the words “Heart Attack” on a plane and was kicked off by the flight attendants. No context, they just heard the words and forced me off.
There are things that trigger them because of laws and regulations like mentioning “bomb” (even if you’re describing something fantastic).
So messing with the gogo flight entertainment is up there with flirting with terrorism charges.
I would never in a thousand years run a sweep on an airplane network. That's massively risky, to the point you might never be allowed on a jet again. Anything to do with aviation I am on my absolute best behaviour.
Hijacked plane is a popular media spectacle with lots of ties to other images and scenes. Millions are ready to discuss it, or listen to the thrilling stories. “This is important for security!” is a shazam in that context. At the same time, much closer and routine dangers directly affecting many people (power plants, refineries, railroads and so on) are kept in check by underpaid workers who can't even make companies fix sensors or replace something until it is rusted through. Effectively, “this is not important for anything”, nor public is interested in TV shows about working pipeline that is not getting blown up. Those who want money and power naturally stick to impressions that work for the crowd they are given.
Propaganda is most successful when people do the required thing on their own, agree that it's absolutely impossible to evade, and even encourage each other. Something in this day and age makes people themselves adore certain forms of propaganda, and even demand to be told specific lies. Among other things, images of stupid social machines crushing someone (“they'll put you on the list”, etc.) seem to weirdly stimulate the crowd.
Even in so-called globalised world there are examples that crack the habituation. In country A, any big gathering of people needs to be formally approved, supplied with hordes of policemen (thankfully, not tanks), fences (thankfully, not barbed wire), entrance searches (thankfully, without stripping). When you ask anyone about that, they promptly respond with “What if terrorists/enemies decide to attack the crowd?” or “What if they start to riot?” (notice that “they”), etc. Even most obvious security theatre acts are automatically accepted with promotion to “psychological stuff that helps to detect those people in the crowd”. In country B, no less “civilised”, the same event is handled by some private company that is mostly worried about portable toilets or electric generators, and people come freely to the venue if they like it (just buy the ticket).
The odds of something wrong happening are roughly the same, but people reason about themselves and those around them very differently. That mental picture of the world shapes the thing that happens, not the alleged expert opinions or calculations.
The fun thing to do on the plane is clone the wifi and add an option to log in with google or meta or apple credentials....
I was on airplane with large aggressive dog, that was harassing other passengers. I was worried it would ampute my limb mid flight.
I voluntary left before take off, dog stayed!
I'll echo the article's disclaimer: This reply is intended solely for educational and research purposes. I affirm the strict adherence to all relevant regulations and service terms.
People do get nervous, and in theory you could probably break some kind of informational system utility if you kernel panic the box that booms up to the satellite receiver, but unless you're trying to get root on the plane's routers I don't believe there's a need to feel brave.
The braver part is publishing the results of this stuff online under your own name.
> My roommate spent about an hour setting up a proxy server exposing port 53 using xray 1, and sent me the configuration via WeChat:
An hour!? As opposed to just spinning up an sshd on that port and coming in using ssh -D to establish a local socks proxy?
Eh, I don’t think this is a result of cognitive bias. I’m sure the people involved in creating whatever hardware or software is running the network know that you can run other stuff on ports. More likely the extra effort involved in inspecting packets was not deemed worth the risk, a decision either made by the manufacturer of the hardware/software, or someone on Air Canada‘s IT team.
> This is likely another layer of security that they didn't break through:
> To prevent chat apps from consuming lots of bandwidth typically your connection is severely bandwidth restricted until you pay. If they didn't then someone could simply stream movies from their chat apps.
"Should" in the sense that "everyone should get free food, housing, and healthcare" or that other airlines actually provide it for free? I don't know of any airline that provides it for free, the most is some Asian/Gulf airlines providing "free for 1 hour" or similar. Compared to that, "free texting, unlimited" doesn't seem too bad, considering there are also trans-continental flights with no internet access at all.
- Browse the web.
- Send and receive emails and messages.
- Check and post to social media
In practice I think they just whitelist a few messenger apps. Everything else was unusable - I couldn't even load this site. Only had my phone so couldn't check if I was actually receiving any bytes from other sites, but it at least wasn't immediately blocked.
> - Check and post to social media
> In practice I think they just whitelist a few messenger apps. Everything else was unusable
That was probably intentional, because to the vast majority of the users of these services, 'the web' is just a handful of the same social sites. As long as they can post a few things about their trip, that's the extent of the web access that they need or care to want. Sucks when you're expecting the whole kit and kaboodle, but the airlines seem to know their customers.
That's junkie talk /s
No but seriously if you think Internet access is so vital that it has to be provided for free on a long-ish flight, you may have a problem. Watch an in-flight movie, read a book, take a nap, look out the window. There are many ways to pass 12 hours.
I ask because, two years ago, I was able to circumvent the Windows-11-requires-internet-and-a-microsoft-account part of the set up for a new laptop computer by doing this on a flight. Apparently, connecting to the airplane wifi (without yet logging in) was enough to satisfy the OS set-up, but limited enough that my laptop didn't require a microsoft account. With windows 10 now end of life, I will probably get a new desktop computer and would like to repeat the feat at home. Thanks
Set up a wifi network with no internet? If you have a separate router/modem, just unplug your modem from your router. If your mode/router is combined unplug the coax/fiber/phone line.
I believe this trick doesn't work on Windows 11 anymore, though. Microsoft will happily wait for you to move some place with internet access to finish the OOBE, especially with upcoming changes where they disable various internal mechanisms to bypass the account restrictions.
For about 30 bucks (or a crack) you get more life out of Windows 10 if switching to Linux isn't an option for you. You'll need to log in to an MS account once every three months to keep that going, but you can log out in between. If you live in the EU, you'll get the first year for free if you just sign in to an MS account, which I believe will also work as long as you sign in once every three months to keep the computer registered for updates.
I have done similar things on several long flights.
Very often, there is at least one large cloud provider or CDN (e.g. Microsoft/Azure or Amazon/AWS or Google/GCP) that is whitelisted by the in-flight Internet gateway so that it can serve static pages, and I can get access to all the sites hosted by that provider simply by using domain fronting (which the author of this post describes as "disguise domain": https://ramsayleung.github.io/en/post/2025/a_story_about_byp...)
4rt•5h ago
technothrasher•4h ago