Roskomnadzor is trying to solve the problem with the white list blocking mechanism

A few days ago on Geektimes information was published that the site blocking mechanism developed by Roskomnadzor contains a vulnerability. As it turned out, it can be used to block almost any sites in the Russian Federation, provided that this will be done by the domain owners of the sites listed by Roskomnadzor in the so-called “black list”. Thus, the owner of the domain domain dymoff.space blocked in the Russian Federation introduced a number of third-party resources to the DNS IP, which resulted in restricted access to them (in particular, to the Telegram service) for some Russian users.

After this became known, employees of Roskomnadzor attempted to solve the problem, as reported by the author of the Telegram channel “IT criminal cases of SORM Russian” Vladislav Zdolnikov. He said that Roskomnadzor sent an official letter to Russian providers with a white list of sites that it was forbidden to block. The letter's authors refer to clause 5 of Article 46 of the Federal Law “On Communications”.


')
Using this list, Roskomnadzor hopes to solve the problem of blocking innocent sites, whose IPs were entered as “native” by the owner of dymoff.space. Now owners of other domains have begun to take similar actions to change the A-records of domains of blocked domains.

As for the white list, it contains a lot of interesting things. For example, among other addresses there is a * .google. *. Mask. If you add a .google subdomain to any domain, including the blocked one, it will not be blocked, despite the fact that the main address is on the “black list”. Moreover, if you create an A-record google.any.tld that points to any blocked IP, this will allow you to “unban” a previously blacklisted domain.

IT specialists consider the actions of Roskomnadzor and the white list itself unprofessional. Thus, the technical director of the online publication Meduza, Samat Galimov, called the Roskomnadzor list “the apogee of incompetence and disorder”.



The “white list” itself is distributed in the form of an .xlsx file with the name “Network Address List”. The file contains manual formatting, although the list is technical.

The problem is aggravated by the fact that on June 15 a straight line is planned on the communication of the President of the Russian Federation Vladimir Putin with the citizens of the country. Officials fear that attackers may use a vulnerability in the site blocking system developed by Roskomnadzor to disrupt the normal operation of the communication channels with the president. Trying to avoid this, the department warned the providers with a separate letter about the need to ensure the uninterrupted operation of these channels.

It has now become known that due to problems with blocking Roskomnadzor in the Russian Federation, some CDNs have been blocked, on which the work of most sites depends. For example, in the Russian Federation, access to code.jquery.com, which is used by up to 60% of known resources, is limited.