I think they can and do. Doesn’t China block a bunch of sites?

To block a web page, you need to force all of the internet service providers to put that block in place. In most countries those service providers are not government run, so the government doesn’t have direct control over it.

That being said, all of the service providers in Brazil, except Starlink, did block X. Starlink refused for a bit, but eventually capitulated and put the block in place.

they have; brazil ordered all “local” internet and cell providers to block X traffic…..on top of restricting webtraffic, brazil doesnt want any X employees working in country until the company is compliant with their laws. so all offices are being closed as well

Brazil ordered the internet providers to block Twitter, but the internet service provider Starlink (SpaceX) refused to comply with the order.

Also Brazil decided to treat SpaceX as being in an economic group with Twitter and froze their assets to pay the fine Twitter got.

>Article 33 of the Brazilian Competition Law (Law No. 12.529/11) stipulates that: “companies or entities that are part of an economic group, in fact or in law, will be jointly and severally liable, when at least one of them practices a violation to the economic order”.

Twitter and SpaceX are generally seen as separate entities, but according to Brazilian law they are both part of the same economic group in practice. And the special treatment Twitter got from Starlink pretty much shows that they are.

Many countries can. And that is what Brazil did – it did not require X’s cooperation. Internet service is almost always provided by a local service provider and the local service provider must be a company registered in that country. Note that for pretty much all countries, other than simple sales/support staff, any company that does business in a country must be registered as a company domestically. (because governments want to tax local income) Well any locally registered company must comply with legal government directives and authorities.

“The Net interprets censorship as damage and routes around it.” –John Gilmore

Censoring the Internet becomes more difficult the more you need to scale it. To figure out why, let’s look at the ways you could block something:

– You could block DNS lookups to a given domain. That’s only doable on DNS servers that you control, and it’s trivial for most devices, even locked-down ones, to have custom DNS servers specified. In some environments, the *only* DNS server you can use is one provided by that environment, so mandating use of a government-run DNS server breaks those setups.

– You could inspect traffic and look for requests for a given domain. That’s becoming harder and harder, if not impossible, as the Internet has moved to TLS (encryption) by default. ~~When properly configured, a web server with TLS doesn’t reveal the site being asked for during connection setup.~~

– You could block traffic to IP addresses and ranges that are associated with the website. With most places using cloud providers, especially any place that’s large enough for a government to care about blocking, those IPs and ranges could change constantly, even multiple times an hour. If an IP or range you’ve blocked is later used by someone else, that someone else is now collateral damage until you remove them from the blocklist.

– Even if you do all of this, VPNs and services like Tor make it very easy to start connections from outside your country and therefore outside of your control. It would be necessary to block all of these as well, and they have lots of different methods for hiding themselves and bypassing different kinds of blocks.

– In the case of an app, you could pressure app stores into not serving the app in your country. This is actually pretty easy, because all you have to do is threaten their finances in your country. The problem is, this usually doesn’t affect people who already have the app installed, it doesn’t do anything about people sideloading the app or using alternate app stores, and it doesn’t do anything about people using the website in their browser.

When you are looking to block a small amount of websites, this is very difficult to do with a high amount of effectiveness. Countires like China want to block a *lot* of content, so they position themselves to inspect and filter basically *all* Internet traffic. Once you’ve set up that kind of framework, then adding a new site to the list is easy.

They can, it just usually highly frowned upon, but China is the best example of how it can be done.

They can. China famously blocks Google and everything else they don’t like. It’s all about what they turn a blind eye to – they’ll ignore some VPNs but if you go overboard or piss someone off..you’ll find it blocked too.

With a few exceptions, such as China, governments don’t run a big firewall controlling all traffic in and out of their country. This would be an extra step, bottle neck, point of failure etc, so it doesn’t typically happen.

What makes more sense is that all the local internet providers have their own traffic peering routes in and out of the country, allowing them to re-route traffic away from links experiencing downtime or congestion.

As a de-centralised solution, you’re less likely to have a single incident take down the whole country’s internet, but it means the government doesn’t have a single point they can apply restrictions too.

So, rather than using technology, they use policy. Internet Service Providers are companies operating in your country, needing to confirm to your rules and laws. It is not unreasonable for a country to expect companies to pay their taxes, build their data centres to building code, or follow requirements to block forbidden websites.

Where Musk thinks it’s different is that Starlink is using satellites not fibre cables buried in the ground, so its almost like he doesn’t understand that these blocks are imposed at the ISP level, not in a giant firewall around the country level. Almost like he doesn’t understand how technology works.

Fundamentally Internet is similar in many ways to simple mail. Your browser looks up the company address on yellow pages (DNS lookup), then packs a request into an envelope with that address, and sends it. After a while response comes back with some content.

Now imagine a country says “no more sending physical mail to Elon Musk!

Sure, you can ban sending to his home address. But what about his work address? After that is banned too, he can open a PO box. Or a new office. Or ask a friend to receive his mail for him.

You can force yellow pages to remove any mention of Elon Musk. But there’s other Yellow Pages, and also ones issued by independent company from UK, and 50 others.

The only way to *truly* enforce a ban – is to ask Musk himself to comply and not read any mail coming from a CA address. But even then, the sender can just send their mail through a friend located in NY (VPN).