Should have a (2017)<p>There were a number of techniques used to block access to information:<p>For websites under the .cat top-level domain, the .cat registrar got takedown notices. The only workaround for this was to publish elsewhere.<p>For other websites, blocking access required ISP intervention:<p>• Two ISPs (Euskaltel and Vodafone) pushed changes to their DNS servers—the ones that subscribers use—modifying entries for web sites that were being blocked. This would be detectable by clients doing DNSSEC verification (assuming the domains used DNSSEC, which hopefully they did!). It could be worked around by using a different DNS service (like Google's), or by running your own recursive resolver, or by using a VPN.<p>• Movistar was doing Layer-7 traffic inspection: For HTTP access, the IP address and HTTP Host: headers were examined. For HTTPS access, the TLS SNI (Server Name Indication) message was examined. The workaround was to use a hostname that the server would respond to, but which wasn't filtered: For example, web.ref1oct.eu instead of www.ref1oct.eu. The other workaround would be to use a VPN.<p>The lack mode of blocking was the most interesting. I've heard of the risks of SNI-based filtering, but hadn't seen it in the wild yet!