How, not just what: censors reserve TCP-reset for messaging, DNS poisoning for news

How a censor blocks is as telling as what it blocks. Voidly's new per-content-category technique view (/v1/measurement/category-techniques) crosses the blocking METHOD with the content type. DNS poisoning is the near-universal method — 74-91% of method-resolved blocking in every category globally — but several censors escalate to TCP-RESET / connection-level interference specifically for COMMUNICATION & messaging tools while leaving news at the easier-to-bypass DNS layer. Among 23 countries with enough categorised comms measurements: Iran reserves connection-level RST for 62% of comms blocking vs 15% for news (a 4x escalation); Pakistan 41% comms vs 0% news; Egypt 24% vs 0%; Cambodia and Myanmar RST 100% of measured comms blocking. The 'why' is practical: DNS poisoning is cheap but trivially bypassed (DoH, a custom resolver); TCP-reset injection requires the censor to watch and kill the live connection — costlier, but far harder to evade. Reserving it for real-time messaging suggests these states prioritise un-circumventable blocking of comms over news. China is the instructive outlier — it RST-blocks nearly everything (comms 58%, news 60%), a uniformly heavy apparatus rather than content-targeted escalation. HONEST CAVEATS: domain_category is the Citizen Lab test-list tag, present on ~23% of evidence; this is the composition of method-resolved blocking measurements (signal_level critical/elevated), not per-incident attribution; block_generic ('method unresolved') and IODA connectivity outages are excluded; some country-category cells are thin (read the per-cell counts — IR comms n=72, news n=116 and CN n=231/394 are robust; KH/MM have no categorised news, so no within-country contrast there). Live: /v1/measurement/category-techniques.