Afghanistan's Internet Blackout and Malaysia's DNS Censorship - What it means for Digital Freedom
An entire country has effectively vanished from the internet. On September 29, 2025, cell and internet services across Afghanistan flatlined, dropping to near 0% connectivity and affecting a population of 40 million. This was not a slowdown or restriction but an abrupt, full-scale blackout.
This all came to light through NetBlocks, a watchdog group that tracks internet connectivity. Traffic graphs did not dip; they nosedived straight to zero within an hour, a level that has since hovered at a negligible 0–1%.
Blackout by Blade
The regime employed no fancy, sophisticated cyber technology. They went old-school: they just started cutting the fiber optic cables in various regions in the country. Their official statement claimed that “alternative options” would eventually be provided to maintain connectivity needs.
The official justification provided by the regime was to prevent 'vice', a vague, sweeping excuse that invariably becomes the default mask for deeper state control and the suppression of dissenting views. This act of infrastructure destruction has intensified the isolation of millions under the Taliban's increasingly harsh rule.
This infrastructure sabotage is the crucial point. Once the hardware foundation of communications is broken, no amount of software ingenuity, proxies, VPNs, or clever tricks can fix snapped fiber. This is a problem beyond software-based circumvention. There is no software solution for broken hardware.
The only true workaround for such a physical blackout is satellite internet, which bypasses all ground-based infrastructure. However, with hardware costs for services like Starlink around $400 USD plus a steep monthly fee, the option remains financially out of reach for the vast majority of Afghans, for whom that cost represents several months’ salary.
The Worst Digital Control?
In some ways, yes. In its current state, the Afghan situation represents a severe and absolute level of digital control that differs fundamentally from more widely discussed censorship models. Even North Korea has its own intranet, NaeNara, which is tightly controlled but at least allows limited domestic communication. Nor did the regime in Afghanistan bother building a sophisticated censorship system like China’s Great Firewall, which is designed to suppress dissent while still permitting economic activity and global trade. Instead, it totally annihilated the country's digital connection.
This incident marks Afghanistan as the brutalist extreme of digital control: the destruction of the very medium itself. However, the tools of digital control are not exclusive to totalitarian regimes; they can also emerge through regulatory policy in a democracy. Other models of restriction are being tested and implemented globally, including here in Malaysia.
Censorship by Redirect: The Malaysian Experiment
Last year, the Malaysian Communications and Multimedia Commission (MCMC) issued a DNS redirection order, ostensibly to "protect" citizens from sites deemed harmful (gambling, pornography, scams).
How exactly does DNS redirection work? The Domain Name System (DNS) is the internet’s essential directory service. When a user types a domain name, their device queries a DNS server to translate that name (e.g., youtube.com) into its numerical IP address (e.g., 142.250.190.14).
A government-issued DNS blocking or redirection order instructs local ISPs to direct all their users’ DNS traffic through approved DNS servers. If a user requests a "blocked" domain, the controlled server is configured to send them to a blank page or simply return no address, rather than the correct one.
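The outcomes described above (a redirect to a block page, no address at all, or the correct answer) can be told apart by parsing the resolver's reply and comparing it with answers obtained from trusted vantage points. The following is an added example, not code from the original post or from any measurement project; the addresses are constructed documentation values and `build_response` stands in for a captured reply.

```python
import ipaddress
import struct

# Constructed sample values: RFC 5737 documentation addresses, not real hosts.
CONTROL = {"203.0.113.10"}   # answers seen from trusted vantage points
BLOCKPAGE = {"192.0.2.1"}    # address the filtering resolver hands out

def build_response(qname, rcode=0, addrs=()):
    """Build a minimal DNS reply; stands in for a captured resolver response."""
    name = b"".join(bytes([len(p)]) + p.encode() for p in qname.split(".")) + b"\x00"
    header = struct.pack("!HHHHHH", 0x1234, 0x8180 | rcode, 1, len(addrs), 0, 0)
    answers = b"".join(b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4)
                       + ipaddress.IPv4Address(a).packed for a in addrs)
    return header + name + struct.pack("!HH", 1, 1) + answers

def skip_name(msg, off):
    """Return the offset just past a name, honouring compression pointers."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:   # pointer: two bytes, always ends the name
            return off + 2
        off += 1
        if n == 0:             # root label ends the name
            return off
        off += n

def parse_a_records(msg):
    """Return (rcode, [IPv4 strings]) from a DNS response message."""
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack_from("!HHIH", msg, off)
        if rtype == 1 and rdlen == 4:          # A record
            addrs.append(str(ipaddress.IPv4Address(msg[off + 10:off + 14])))
        off += 10 + rdlen
    return flags & 0xF, addrs

def classify(msg, control=CONTROL, blockpage=BLOCKPAGE):
    """Compare the local resolver's reply with the control answers."""
    rcode, addrs = parse_a_records(msg)
    if rcode == 3 or not addrs:
        return "nxdomain" if rcode == 3 else "no_answer"
    if blockpage & set(addrs):
        return "redirected"
    return "consistent" if control & set(addrs) else "inconsistent"
```

An "inconsistent" result is only a lead: CDN-hosted domains legitimately return different addresses by region, so it needs a follow-up check before being counted as tampering.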
The Porous Barrier and Its Reinforcement
DNS-level censorship is historically porous as it relies on user complacency. Users can easily switch to a different DNS provider (such as a public resolver operated by Cloudflare, Google, or Quad9) via their device's network settings. The moment this is done, the user's device begins asking the new, global resolver for directions, bypassing the local ISP's government-mandated server. Since these global resolvers are outside the national censorship order, they provide the correct IP address, and access is restored.
Basically, the DNS block only affects default users or the ones who never change their settings and keep using those government-controlled DNS servers. Once word spreads, the block becomes practically useless. In Turkey’s famous 2014 Twitter ban, people spray-painted Google’s DNS address (8.8.8.8) on walls as public instructions. Within hours, half the country was tweeting again.
However, local ISPs have taken a technical step further to undermine this common workaround by implementing Transparent DNS Proxies. This is an invasive method where the ISP intercepts all outgoing DNS traffic before it even leaves the local network and reroutes it back through its own local servers that follow the MCMC’s blocklist. This essentially makes it impossible for the user to bypass the local controls.
The Sinar Project and OONI (Open Observatory of Network Interference) verified the existence of this behavior through a combination of DNS leak tests, traceroute analysis, and packet inspection. These results confirm that users’ DNS queries were being captured and handled locally through these transparent proxies, preventing access to any alternate resolver and effectively enforcing government-mandated blocks at the root of internet navigation.
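One way a DNS leak test can expose a transparent proxy, shown as an added example that is not the Sinar Project's or OONI's code: the client sends a query for a unique label to a chosen public resolver, and the authoritative server for that zone records which address actually asked. The zone name, log format, resolver names and address ranges below are all constructed assumptions.

```python
import ipaddress

# Constructed data: RFC 5737 documentation ranges stand in for real networks.
EGRESS = {  # resolver the client addressed -> networks its recursive queries leave from
    "resolver-a": [ipaddress.ip_network("198.51.100.0/24")],
    "resolver-b": [ipaddress.ip_network("203.0.113.0/24")],
}
ISP_NETS = [ipaddress.ip_network("192.0.2.0/24")]
# One unique label per probe, so no cache can answer and each query is traceable.
PROBES = {"k3f9": "resolver-a", "q7x2": "resolver-b", "z1m8": "resolver-a"}
# Constructed query log from the authoritative server for leaktest.example.
AUTH_LOG = """\
2025-01-01T00:00:01Z query k3f9.leaktest.example A from 198.51.100.23
2025-01-01T00:00:02Z query Q7x2.LeakTest.Example A from 192.0.2.53
"""

def in_any(ip, nets):
    return any(ip in net for net in nets)

def seen_sources(log, zone):
    """Map each probe label to the set of source addresses that asked for it."""
    out = {}
    for line in log.splitlines():
        parts = line.split()
        name = parts[2].lower() if len(parts) == 6 else ""  # resolvers may mix case
        if parts[1:2] != ["query"] or not name.endswith("." + zone):
            continue
        nonce = name[: -len(zone) - 1]
        out.setdefault(nonce, set()).add(ipaddress.ip_address(parts[5]))
    return out

def classify_probe(nonce, sources):
    """Decide whether the query arrived from the resolver the client addressed."""
    if not sources:
        return "no_query_seen"      # dropped, or answered without recursion
    if all(in_any(ip, EGRESS[PROBES[nonce]]) for ip in sources):
        return "direct"
    if any(in_any(ip, ISP_NETS) for ip in sources):
        return "intercepted_by_isp"
    return "unexpected_resolver"

def run(log=AUTH_LOG, zone="leaktest.example"):
    """Classify every probe against the authoritative server's log."""
    seen = seen_sources(log, zone)
    return {n: classify_probe(n, seen.get(n, set())) for n in PROBES}
```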
A Single Point of Compromise and Control
DNS blocking highlights other equally important issues. Large public DNS providers like Cloudflare, Google, and Quad9 run global, battle-tested systems. They use encryption (DNS-over-HTTPS and DNS-over-TLS), verify records with DNSSEC, and operate sprawling networks with constant monitoring. Their engineers live and breathe uptime, patch management, and anomaly detection.
Now, contrast this with a government-mandated DNS cluster that has lower security maturity. Forcing ISPs to funnel traffic into a small set of government-operated resolvers would concentrate risk. Compromise, misconfiguration, or overload at that choke point would affect everyone. Local ISP resolvers and specially repurposed censorship servers often lack the same security hardening, logging discipline, and patch cadence as big public players. Furthermore, a government-mandated resolver can become a tool for surveillance by logging user queries and tying them back to IP addresses. Even if the resolver is secure against external attackers, it may be used for lawful (or unlawful) monitoring.
Defending Digital Freedom
It is true that some parts of the internet are dangerous and exploitative. While blocking truly harmful or exploitative domains might sound noble, censorship rarely stops at "just the bad stuff." It always comes at the cost of digital freedom and trust. This trust is rooted in the expectation that one's connection is private and that the government won't unilaterally decide what is "safe" to access.
A more effective and rights-respecting approach focuses on transparency and digital literacy: teaching users how to recognize scams, promoting secure browsing habits, and strengthening cyber defenses at the source, rather than restricting the flow of information for everyone. This approach includes utilizing tools like hash matching to block known harmful content by comparing its digital fingerprint against a database, without needing to inspect or censor all web traffic.
The digital crackdowns in Afghanistan and Malaysia both demonstrate the fragility of digital freedom, which remains highly susceptible to compromise by destruction or covert regulatory policy. Our digital freedom is assailed by many methods, and so our defense must be equally multifaceted. It requires both the physical fortification of the hardware that carries our data and the vigilant defense of the open software principles that ensure it flows freely.

