An update to the Google App Engine has disabled a technique known as 'domain-fronting' which allowed blocked services to help users bypass state-level firewalls by passing internet traffic through a domain that isn't blocked by the government, thereby giving one free access to said blocked service.


Until recently, one could use Google's main domain - Google - as a front to achieve domain-fronting, which allowed services that are active proponents of anti-censorship efforts, such as Signal and Psiphon VPN, to pass encrypted data in and out of a country pretending to be Google-specific traffic, though it has also been used by hackers to illicitly obtain information.

The update disabling this technique was caught by developers over at the Tor network in the middle of a rollout on April 13th. In a statement to The Verge, Google said:

"Domain-fronting has never been a supported feature at Google, but until recently it worked because of a quirk of our software stack. We’re constantly evolving our network, and as part of a planned software update, domain-fronting no longer works. We don’t have any plans to offer it as a feature."


Read more: Google disables domain-fronting, removing ability to bypass state-level firewalls - Neowin