On Turkey, Twitter and SSL

Today, an attack on a peace rally (a peace rally!) in Ankara, Turkey left close to 100 people dead and many others injured. ‘Tragedy’ doesn’t even begin to describe what happened.

The Turkish government responded by banning the media from reporting on the issue. There were also rumours of Twitter being hard to reach from within Turkey, which wasn’t surprising given previous efforts by the Turkish government to ban the service.

Nicholas Weaver asked people to investigate what was going on. Using Hide My Ass, a VPN service, I was able to confirm I could reach Twitter from various Turkish IP addresses.

But then I noticed something odd. When using curl, I got an “Unknown SSL protocol error in connection to www.twitter.com:443” error. I got this error only when accessing Twitter from a Turkish VPN — I tried various Hide My Ass VPNs in difference countries — and only when accessing www.twitter.com, which normally redirects to twitter.com.

I don’t get the error in Firefox (Debian), but I do get the same error in the text browser w3m (which could use the same libraries). I’ve not been able to detect any difference between the server information and I get the same error when using curl -k, suggesting it is not a certificate issue. In verbose mode, curl gives the error right after reporting the sending of the client’s hello message.

I suspect this is entirely innocent — I assume Mozilla is doing a lot more to detect SSL/TLS shenanigans than curl, and they think everything’s fine — but I wanted to share this information, just in case.

NB As I only control the client side of the VPN connection, I’ve not been able to take useful PCAPs. There might be a way around this though. Suggestions are welcome.

Leave a Reply

Your email address will not be published. Required fields are marked *