Question:


Recently, I’ve observed an interesting phenomenon: even if you haven’t downloaded a particular app and are using an Apple device within a sandbox environment, there’s still the possibility of your website visits being detected, leading to some form of interaction.

The good news, however, is that without downloading the app and while operating within the Apple ecosystem, they lack complete access to your information.

I’m intrigued by the methods they employ. Is it through network operations, possibly orchestrated by the internet service provider? Or do they leverage automated processes, such as robots? I don’t have any specific intentions or actions in mind regarding this matter. Instead, I approach this topic from an academic standpoint and as a professional, motivated by a commitment to privacy preservation.

Sincerely,

HgTrojan


Conclusion:


From my observations, it appears that many Android smartphones produced in China now come embedded with "anti-fraud" programs, often at the system level. Additionally, Apple in China has begun collaborating with the government, as seen in Safari's "Deceptive Website Warning" feature, where Tencent is involved as a partner, gaining access to the URLs you visit.

Fortunately, the "Deceptive Website Warning" feature in Safari is not a system-level function and can be disabled individually in personal settings. However, beyond personal devices, there are still other means by which they monitor the URLs you visit. For example, certain "leading brands" of optical network terminals (ONTs) are equipped with Deep Packet Inspection (DPI) technology and are gradually incorporating "anti-fraud" programs. My assessment of this situation is that they are indeed "leading the way" in this respect.

If one believes that changing the brand of network equipment can solve the problem, that assumption would be mistaken. Currently, major telecommunications operators are gradually deploying DPI technology in their respective networks, with Huawei being a significant proponent. Moreover, domestic operators have completed the deployment of deep packet inspection technology in areas such as mobile data, broadband, and core networks. In campus networks, deep inspection technologies, such as those provided by Deepin Technology, are prevalent.

To briefly introduce DPI technology: Deep Packet Inspection (DPI) is an internet traffic control technology used by domestic operators and some enterprise intranets to track user behavior and monitor network traffic. In other words, DPI enables domestic operators to understand which software you are using (such as WeChat, QQ, VPN, Zhihu, and online forums) and to perform big data analysis on the user groups associated with a particular piece of software. Anti-fraud measures can use DPI to determine whether you are accessing fraudulent websites and then send personalized phone and SMS reminders.


Solutions:


Firstly, for websites employing SSL encryption, only the fact that you are accessing a particular site is visible, and the specific content within the site remains concealed. Therefore, when engaging in online communication and browsing, it is advisable to choose the HTTPS protocol.

Secondly, using a VPN remains the top choice for "ordinary users." It is preferable to select 1.1.1.1, offered by Cloudflare, or a VPN based on the WebSocket (ws) protocol. Both options can obscure your IP address and the URLs you visit. The ws protocol lets you camouflage your visits, so that observers see only the disguised ws URL, regardless of the actual URL you are accessing.

Next is DNS spoofing. Refer to https://github.com/paulmillr/encrypted-dns/blob/master/README.cmn-CN.md (the encrypted-dns project's README) for installation guidance, and follow its instructions to set it up.

Additionally, concerning mobile phones, it is advisable to avoid devices from certain "leading" brands; the same applies to optical network terminals (ONTs) and routers. Disable all "anti-fraud" features, such as Safari's "Deceptive Website Warning," and refrain from downloading "national anti-fraud apps." Minimize the use of mobile data: although there is no concrete evidence, there are suspicions that tracking certificates could be used to monitor the URLs you access. Even in the absence of tracking certificates, SIM cards contain various data that could enable precise tracking. A reminder: be cautious to avoid falling victim to fraud.

Lastly, regarding browser selection, if possible, opt for third-party browsers like Google Chrome. Avoid Chinese browsers such as Quark Browser, as they may have "anti-fraud" monitoring programs. In this context, I recommend considering Tor Browser if it aligns with your needs.


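Disclaimer

Do not attack websites without the owner's consent.
All of my articles are technical sharing, recorded for defensive purposes, and all operations were carried out in a lab environment. Do not use them for any other purpose; otherwise you bear the consequences yourself.
Unless otherwise stated, all articles on this blog are licensed under the BY-NC-SA license. Please credit the source when reposting!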
