Noctilucent brings back ‘domain fronting’ as ‘domain hiding’

At the DEF CON 2020, the security researcher Erik Hunstad has released a new tool that can help users to evade censorship and bypass firewalls to keep services up inside problematic areas of the globe.

Domain fronting, the technique of circumventing internet censorship and monitoring by obfuscating the domain of an HTTPS connection was killed by major cloud providers in April of 2018. However, with the arrival of TLS 1.3, new technologies enable a new kind of domain fronting.

The new tool, named Noctilucent [2], fill a role left void by cloud providers like Amazon and Google blocking “domain fronting” on their infrastructure.

Hunstad said he used the new TLS 1.3 protocol to revive domain fronting (sort of) as an anti-censorship technique, but in a new format, the researcher calls “domain hiding”:


  1. Domain Fronting in a Nutshell

Related posts

  1. How many data are shared by iOS and Android telemetry?
  2. “My piano didn’t fit in the elevator!”, a piano album
  3. Privacy Roundup #16
  4. Technology Roundup #16
  5. Privacy Roundup #15