How Signal Is Evading Censorship

Signal, the encrypted messaging app I prefer, is being blocked in both Egypt and the UAE. Recently, the Signal team developed a workaround: domain fronting.

Signal's new anti-censorship feature uses a trick called "domain fronting," Marlinspike explains. A country like Egypt, with only a few small internet service providers tightly controlled by the government, can block any direct request to a service on its blacklist. But clever services can circumvent that censorship by hiding their traffic inside of encrypted connections to a major internet service, like the content delivery networks (CDNs) that host content closer to users to speed up their online experience -- or in Signal's case, Google's App Engine platform, designed to host apps on Google's servers.

"Now when people in Egypt or the United Arab Emirates send a Signal message, it'll look identical to something like a Google search," Marlinspike says. "The idea is that using Signal will look like using Google; if you want to block Signal you'll have to block Google."

The trick works because Google's App Engine routes incoming requests by their HTTP Host header, so a request that arrives at google.com can name an App Engine app as its real destination. That Host header travels inside the TLS session, so the internet service provider sees only a connection to google.com (the destination IP and the plaintext SNI in the handshake); the inner request, and the app it is bound for, are hidden. That essentially turns Google into a proxy for Signal, bouncing its traffic and fooling the censors.

This isn't a new trick (Tor's meek pluggable transport uses it too, for example), but it does work.
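
The two layers the trick depends on, as an added example that is not code from this post or from Signal: a censor on the path can parse the plaintext SNI in the ClientHello but not the TLS payload, while the fronting service terminates TLS and routes on the Host header inside it. The hostnames, the App Engine app name and the backend labels are illustrative assumptions, not Signal's real fronting configuration.

```python
"""Added example (not from the post or from Signal): domain fronting modelled
at the two layers that matter. The censor sees the plaintext TLS SNI; the
fronting service (stand-in for Google App Engine) sees the HTTP Host header
after TLS termination. Hostnames and backend names are assumptions."""
import struct
from dataclasses import dataclass

FRONT_HOST = "www.google.com"             # assumed front: what the censor sees
HIDDEN_HOST = "signal-front.appspot.com"  # hypothetical App Engine app name


def build_sni_extension(hostname: str) -> bytes:
    """Encode an RFC 6066 server_name extension as it appears, unencrypted,
    in a TLS 1.2 ClientHello."""
    name = hostname.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name  # name_type 0 = host_name
    name_list = struct.pack("!H", len(entry)) + entry
    return struct.pack("!HH", 0x0000, len(name_list)) + name_list


def parse_sni(extension: bytes) -> str:
    """Recover the hostname from a server_name extension; this is all a DPI
    box on the path can read out of the handshake."""
    ext_type, ext_len = struct.unpack("!HH", extension[:4])
    if ext_type != 0x0000 or len(extension) < 4 + ext_len:
        raise ValueError("malformed server_name extension")
    body = extension[4:4 + ext_len]
    (list_len,) = struct.unpack("!H", body[:2])
    pos, end = 2, 2 + list_len
    while pos + 3 <= end:
        name_type = body[pos]
        (name_len,) = struct.unpack("!H", body[pos + 1:pos + 3])
        name = body[pos + 3:pos + 3 + name_len]
        if name_type == 0:
            return name.decode("ascii")
        pos += 3 + name_len
    raise ValueError("no host_name entry")


@dataclass
class FrontedConnection:
    sni: bytes           # plaintext, visible on the wire
    http_request: bytes  # inside TLS, visible only to the fronting service


def build_fronted_connection(front: str, hidden: str, path: str) -> FrontedConnection:
    """Connect to `front` by DNS and SNI, but address the inner request to `hidden`."""
    request = (
        f"GET {path} HTTP/1.1\r\n"
        f"Host: {hidden}\r\n"
        f"Connection: close\r\n\r\n"
    ).encode("ascii")
    return FrontedConnection(sni=build_sni_extension(front), http_request=request)


def censor_verdict(conn: FrontedConnection, blocklist: set) -> str:
    """Censor in the ISP path: parses the SNI, cannot read the TLS payload."""
    return "reset" if parse_sni(conn.sni) in blocklist else "allow"


def front_route(conn: FrontedConnection, backends: dict) -> str:
    """Fronting service after TLS termination: routes on the Host header."""
    for line in conn.http_request.split(b"\r\n")[1:]:
        if line.lower().startswith(b"host:"):
            host = line.split(b":", 1)[1].strip().decode("ascii")
            return backends.get(host, "default-frontpage")
    return "default-frontpage"


def simulate(blocklist: set, backends: dict) -> tuple:
    """One fronted request through the censor and then through the front."""
    conn = build_fronted_connection(FRONT_HOST, HIDDEN_HOST, "/v1/messages")
    return censor_verdict(conn, blocklist), front_route(conn, backends)


if __name__ == "__main__":
    print(simulate({HIDDEN_HOST}, {HIDDEN_HOST: "signal-proxy-app"}))
    # -> ('allow', 'signal-proxy-app')
```

Two caveats the model makes visible. The trick depends entirely on the front routing on Host without checking it against the SNI it saw; Google and Amazon both closed that gap in 2018, so this is a property of the provider, not of TLS. And the model assumes the fronted app shares the front's IP ranges: if App Engine traffic can be told apart from google.com traffic by destination address, the censor never needs the Host header.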

Posted on December 28, 2016 at 6:20 AM • 55 Comments

Comments

RonK • December 28, 2016 6:35 AM

> This isn't a new trick

I vaguely remember an academic article on something a bit similar except that the "fronting provider" had to be actively complicit. It involved checking some header field and rerouting in the case that data passed some kind of cryptographic check.

Can anyone help me here? It's driving me crazy that I don't remember enough details to find it again...

Thoth • December 28, 2016 7:02 AM

@all, Clive Robinson

If you are using Signal with domain fronting via Google, this can be used as a give away for ISPs to send a TCP reset.

Imagine from an ISP's point of view (10,000 feet view of the entire Internet traffic system), assume that the ISP can see all its own users' traffic regardless of whether it's encrypted or not. If you see traffic that persistently accesses Google most of the time but does not go to other websites, you'd be very suspicious, assuming the user isn't browsing other webpages or using other network services when using Signal at the same time.

So here's how to emulate it:
- Google.com
- Google.com
...... few hundreds more Google.com packets
- Yahoo.com
- Facebook.com packets
- Schneier.com packets
- Google.com with a few hundreds more Google.com packets

So now you are an ISP tasked by the Govts to implement censorship on the network. If you see a ton of packets to Google.com but nothing else, wouldn't it raise a ton of suspicion? Of course the user could be using a botnet and keep querying Google or accessing Google services, but it seems so unnatural from a 10,000 feet view.

How do we improve the domain fronting technique with something easily do-able and simple to implement? Quite obviously, mix in some Google searches and then redirect to actual webpages but drop the packets when they are received, as you don't really want to actually read the webpages anyway; these are used for traffic obfuscation.

Another way is to use P2P message routing of encrypted messages amongst trusted peers in your contact list with some traffic noises as well just to throw off traffic analysis in case one or few of your peers are not very friendly or maliciously traitorous by deliberation or accident.
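
The traffic-shape analysis sketched in the comment above, as an added example that is not code from the post or from any commenter: a detector run over constructed per-client flow records (timestamp, client, SNI), plus the cover-traffic mitigation the comment proposes. The censor cannot read payloads, but it can count which SNI each client's TLS connections carry. The domain names, thresholds and log format are assumptions.

```python
"""Added example (not from the post or any commenter): flag clients whose TLS
flows go to the fronting domain and almost nowhere else, then show that
interleaving decoy browsing removes the signal. Domains, thresholds and the
record format are assumptions."""
from collections import Counter, defaultdict

FRONT_DOMAIN = "www.google.com"

# Constructed flow log, one record per TLS connection: "epoch_seconds client sni".
# 10.0.0.5 talks only to the front every 30 s (a fronted app and nothing else);
# 10.0.0.9 is browsing normally.
SAMPLE_FLOWS = "\n".join(
    [f"{1482900000 + 30 * i} 10.0.0.5 {FRONT_DOMAIN}" for i in range(40)]
    + [
        "1482900010 10.0.0.9 www.google.com",
        "1482900070 10.0.0.9 www.yahoo.com",
        "1482900130 10.0.0.9 www.facebook.com",
        "1482900190 10.0.0.9 www.schneier.com",
        "1482900250 10.0.0.9 www.google.com",
        "1482900310 10.0.0.9 www.facebook.com",
    ]
)


def parse_flows(text: str):
    """Parse the constructed log into (timestamp, client, sni) tuples."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, client, sni = line.split()
        flows.append((int(ts), client, sni))
    return flows


def flag_front_only_clients(flows, front=FRONT_DOMAIN, min_flows=20, min_ratio=0.9):
    """Return clients whose flows are almost exclusively to the front.
    The minimum count keeps a single Google search from being flagged."""
    per_client = defaultdict(Counter)
    for _, client, sni in flows:
        per_client[client][sni] += 1
    flagged = []
    for client, counts in per_client.items():
        total = sum(counts.values())
        if total >= min_flows and counts[front] / total >= min_ratio:
            flagged.append(client)
    return sorted(flagged)


def add_cover_traffic(flows, client, decoys, every=3):
    """The mitigation from the comment: after every `every`-th flow of `client`,
    insert a decoy connection to an unrelated site. Returns a new list."""
    out, n = [], 0
    for flow in flows:
        out.append(flow)
        if flow[1] == client:
            n += 1
            if n % every == 0:
                out.append((flow[0] + 1, client, decoys[(n // every) % len(decoys)]))
    return out


if __name__ == "__main__":
    flows = parse_flows(SAMPLE_FLOWS)
    print(flag_front_only_clients(flows))  # -> ['10.0.0.5']
    covered = add_cover_traffic(flows, "10.0.0.5",
                                ["www.yahoo.com", "www.facebook.com", "www.schneier.com"])
    print(flag_front_only_clients(covered))  # -> []
```

The ratio test is the crudest feature a censor has; the fixed 30-second cadence of the fronted client, and the absence of the DNS, image and script fetches a real page load produces, are just as visible and are not modelled here. Fronting hides where the traffic is going, not what it looks like, which is the point of the comment.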

Tatütata • December 28, 2016 7:07 AM

Wait until Phishers catch on to that, and start spewing legit-looking links to Google or whatever...

Ren • December 28, 2016 7:19 AM

@RonK

Yes, the HTTP Host header is used to redirect to a service running on Google App Engine, which acts as a proxy for Signal's services.

Jeff Martin • December 28, 2016 7:20 AM

I wonder how long until malware is using the same technique, if it isn't already. I appreciate the value for Signal users, but the phrase "Google’s App Engine allows developers to redirect traffic from Google.com to their own domain." doesn't give me a positive feeling.

Censorship • December 28, 2016 7:36 AM

@Gunter Königsmann

They don't necessarily have to use Google; they can implement a similar circumvention using other CDNs such as Akamai, CloudFlare, Azure or Amazon (this last one is the one that can circumvent Chinese censorship successfully).

Wael • December 28, 2016 7:39 AM

if you want to block Signal you'll have to block Google.

It's been done before! China blocks Google, at least in the two cities I've been to, and that includes an autonomous region.

As for why countries block it, it must be political (brilliant observation, wouldn't you say?) :)

Wael • December 28, 2016 7:54 AM

can block any direct request to a service on its blacklist.

So what does that say about "end-to-end" encrypted messaging apps that are not blacklisted by said countries? Things like WhatsApp and others?

It means they blacklisted what they don't have the capability to intercept. It's logical to deduce they can intercept what they haven't blacklisted.

Dirk Praet • December 28, 2016 8:14 AM

@ Wael

China blocks Google, at least in the two cities I've been to, and that includes an autonomous region.

From a privacy perspective, isn't that actually a good thing? 8-) On my home network, I'm kinda blocking Google on all but one isolated network segment. Facebook is even blocked everywhere.

@ Thoth

Another way is to use P2P message routing of encrypted messages amongst trusted peers in your contact list with some traffic noises as well just to throw off traffic analysis in case one or few of your peers are not very friendly or maliciously traitorous by deliberation or accident.

That's kinda what I2P and Freenet try to do.

@ Jeff Martin

I wonder how long until malware is using the same technique, if it isn't already.

Excellent point.

Warren Hinckle • December 28, 2016 8:25 AM

Another product placement by Bruce Schneier?

Understand that Signal receives a significant amount of funding via the Open Technology Fund.

Furthermore Bruce is on the Board of the Open Technology Fund, which is a program run by Radio Free Asia under the auspices of the Broadcast Board of Governors.

The BBG is a CIA spin-off devoted primarily to spreading American propaganda overseas. Fake News that is.

Signal is a product of the national security state. Just like Tor.

WikiLeaks has published State Department memos which show that Google is also a willing partner of the National Security State.

You've been warned...

Scott H • December 28, 2016 9:03 AM

I'm surprised that no one has pointed out that a simple MITM configuration thwarts this. In countries like Egypt with a few tightly controlled ISPs, one could easily imagine installing the ISP's SSL/TLS certificate being made a requirement for access.

Amber • December 28, 2016 9:03 AM

For those prompting malware to do that sort of thing--they already have been for the last couple of months. Google has a known redirect vuln that, whenever you use a Google property (Drive, Docs, etc) and hook into the parameter "continue", you can redirect the user into a file or URL of any type. Details here:

https://www.aidanwoods.com/blog/faulty-login-pages/

Google has already stated that it's not an issue and won't be remedied.

Wael • December 28, 2016 10:20 AM

@Dirk Praet,

From a privacy perspective, isn't that actually a good thing

Perspective-dependent :)

Taz • December 28, 2016 11:06 AM

Read the Google cautions with interest, so I'm asking a simple/direct question. Just what else is out there which can effectively conduct secure calls?

I'm still waiting on my Jack Pairs, ZRTP to Indonesia means too much latency, and just about every other secure communications system presents problems to users. Signal appears to be "it" - so what can be done? What are the usable alternatives?

Am baffled why this is truly as difficult as it is. 99%+ of the population just can't trust their phone system. And everywhere you turn, some government idiot is telling you that citizens don't deserve this capacity.

GNK • December 28, 2016 12:47 PM

I may be paranoid, but I prefer sending encrypted SMS over using Signal servers. The Silence fork of Signal maintains this capability. Perhaps the government gets meta data, but my messages always go through and I am comfortable with the encryption.

Corrigan • December 28, 2016 1:40 PM

@Censorship is right, the domain fronting method can be used with several CDNs. Amazon's works best and hasn't been shut down yet.

But, I suspect domain fronting will be short lived. There is no profit to be made by the CDNs and governments will resent having their vision obstructed. Not just China, all of them.

One way to mess up domain fronting is, as mentioned above, TCP resets from the IP provider or other gov/corp player. Since I have had a VPN service it happens all the time now, besides leaking via DNS 100%.

I would imagine breaking domain fronting is child's play for NSA.

Last grouchy comment: The link is to Wired.com with its paywall. OK, you can get around it. But, why bother? The thing is with paywalls, you won't get LESS ads or NO ads; instead all your personal data will be spread around to various back room marketers and assorted surveillance corps for intense targeting, propaganda and censorship purposes, plus more ads and higher fees. It never stops. Cable TV is the model.

I know resistance is futile, but I can't help it.

Brock • December 28, 2016 2:18 PM

@Scott H

Certificate pinning would prevent a MiTM.

Also Signal has a countermeasure to prevent eavesdropping. Two random words are generated per call and if there's a difference then the call has been intercepted.

whisper • December 28, 2016 2:55 PM

How cool that Signal is supporting free-speech...until it is found out that it is like the Whisper app by WhisperText LLC...in essence a "honey app" to populate more details in the users personas stored by that government of yours...


Whisper: The ‘anonymous’ messaging app that reportedly tracks your location and shares data with the Pentagon
https://www.washingtonpost.com/news/the-switch/wp/2014/10/16/whisper-the-anonymous-messaging-app-that-reportedly-tracks-your-location-and-shares-data-with-the-pentagon/


Reporters from The Guardian recently visited Whisper's headquarters in Los Angeles. What they discovered over the course of three days showed that Whisper not only kept tabs on accounts it deemed interesting — "military personnel," a "sex-obsessed lobbyist," and political staffers, to name a few — but that it retained that information for far longer than its Web site suggested.

Impossibly Stupid • December 28, 2016 3:16 PM

"...and the internet service provider can see only that someone has connected to Google.com"

How true is that really? No network admin worth their salary filters on domain names, they look at IP addresses. So long as Google segments their network (and they do appear to do that), user services like Apps should be easy to distinguish from actual services provided by Google.

Censorship • December 28, 2016 3:31 PM

@whisper Stop spreading lies, and go look at how much data OWS provided the FBI when they requested information about some Signal users.

whisper • December 28, 2016 4:15 PM

@Censorship, it's not a lie but it is not very surprising if you want to make it look like it is...

Damon • December 28, 2016 4:37 PM

@Censorship

It seems that '@whisper' was referring to another company (Whisper LLC) which is nothing to do with Open Whisper Systems the producer of the Signal app.


@Impossibly Stupid

Your handle also describes your comment. Read the research paper and understand how traffic is obfuscated. The guys implementing this technology know exactly what they're doing; you're just displaying ignorance through your lack of knowledge.


@All

Want to see how little data Signal keeps about you?

See Attachment A (page 3) under the 'Our Response' section :

https://whispersystems.org/bigbrother/eastern-virginia-grand-jury/

Whisperer • December 28, 2016 8:15 PM

@whisper - that's 'Whisper', not 'Open Whisper Systems' the new company. Read up on the split.

TJ • December 29, 2016 2:56 AM

I'm interested in how Signal handles a remote code execution and sandbox-escape zero-day package.. Or even just RCE since it has the connection manifest.

Meta • December 29, 2016 9:41 AM

Signal still unfortunately collects metadata.

If someone were to get the information Google has on the Signal users (such as a google employee or the US Gov't via the security letters), it would be possible to figure out who each person of interest talked to. These would make for very interesting targets.

Additionally, Google services runs as a root user on Android devices and Signal application could be "updated" with a backdoor without the user's knowledge.

Censorship • December 29, 2016 10:21 AM

@javier

Can you point those errors and fix them on the Github repository of Signal? It's FOSS, and everyone would benefit from you correcting those errors. Unless you're just making that up.

Common Sense • December 29, 2016 1:56 PM

@Meta

This has been addressed by Signal (Attachment A (page 3) under the 'Our Response' section)). If you call that metadata then you've got nothing to worry about!

https://whispersystems.org/bigbrother/eastern-virginia-grand-jury/

What if Google start collecting the metadata?

Well this is censorship circumvention. Read up how it works too and how users can use throwaway phone numbers to register.

What if there was a backdoor planted?

Then you've got bigger problems.


@javier

Signal is horrible, 100% interceptable
Many errors on the code

Where? Show me. Then read this:

A Formal Security Analysis of the Signal Messaging Protocol

https://eprint.iacr.org/2016/1013.pdf

Seems rock solid to me and to all of the other security experts out there.

The Signal code is also used in WhatsApp and even Google Allo (private chats) IIRC.

Dmytri • December 29, 2016 3:30 PM


Wire is better than signal (wire.com), it is a true multi platform system that does not require users to have a phone number and be willing to disclose it.


Alex • December 29, 2016 4:33 PM

I went to install this on my phone, interesting how it needs permissions for literally everything on the phone.
I suppose this is required, but to me it represents an expectation of trust, which these days is equivalent to someone flipping you the bird.

TJ • December 29, 2016 5:53 PM

@Alex: All those manifest entries are awesome you don't even need a sandbox escape to identify the user..

I don't know and don't care about the MITM and meta-data stuff. I just see a lot of IT security celebrities telling billions of people how flawless Signal is because a security researcher designed it.. Which is true because governments couldn't possibly accomplish reverse engineering and binary exploitation or come up with the capital to just buy zero-days..

Don't disagree though this might get you dirty looks at the local starbucks..

sang sang • December 30, 2016 5:03 AM

Might be one of those yummy apps that kids use to look for Wifi passwords.

https://usblog.kaspersky.com/switcher-trojan-attacks-routers/10628/

Bonus is if you install it on your Android device, it drills your router because your password sucks, then you could get one of those crypto lockers on your Smart TV. Turn off apps on your smart TV; it's too tempting for people to push a bogus app at it, and then lock you out of factory reset (though you can fix it if you know how to flash firmware properly; don't pay the exorbitant cost to fix it and especially not over your internet connection).

Drone • December 30, 2016 6:07 AM

@Dmytri, Wire.com harvests a working Email connection you must provide. Remember, if it is "free", there's a 99% probability you are the product.

Sandy • December 30, 2016 7:26 AM

@Corrigan

"I know resistance is futile, but I can't help it."

What do you mean by this? Use a VPN or SSH service. I have not surfed for years without going through one.

Peter • December 30, 2016 9:05 AM

@Drone
I was intrigued by the Wire comment above, but when I went to install it, it did come up with an Email request as well as a phone number request. It then asked for a string it supposedly sent. Having faked all of that, I couldn't go any further. I think I will go with Conversations.

Rodney • December 30, 2016 3:58 PM

@Dmytri

Wire are a very suspicious outfit.

They copied part of Signal's code, removed the acknowledgements and claimed it as their own.

Wire then brought a lawsuit against Signal and dropped it in such a manner that they can never re-instigate legal action on the same grounds.

http://news.softpedia.com/news/wire-drops-lawsuit-alleging-extortion-from-signal-co-founder-503850.shtml


Wire also never originally encrypted communications BUT THEY LIED to users pretending they did. They were then forced to change their claims.

http://www.pcworld.com/article/2855745/new-communications-app-wire-tones-down-encryption-claims.html


Very suspicious and unethical behaviour by Wire. It's hard to trust them.

boring middle ground • December 30, 2016 7:28 PM

The reactionary opposition to Signal (and Schneier's endorsement) are ill-considered, and obscure three issues with the app I think are worth discussing:

  • Moxie is against distribution of Signal through any other method than Google Play or allowing the app to run without the Google service framework it uses for messaging, and is unwilling to collaborate with anyone who wants to make it possible: https://github.com/WhisperSystems/Signal-Android/issues/127
  • Moxie accused the people who did the hard work of porting Signal (an open source project) to WebSockets to solve the above issue of trademark infringement, and refused to federate traffic generated by that port, even if people put up money/maintenance effort to ensure it went smoothly: https://github.com/LibreSignal/LibreSignal/issues/37
  • Moxie believes that decentralization isn't going to work as a method of resistance or democratized communication because, in a few words, users are too stupid to take care of themselves or learn how. He has announced publicly that this is his position for the foreseeable future: https://whispersystems.org/blog/the-ecosystem-is-moving/

There are terrible contradictions in these positions. Signal is released under the GPL, yet Moxie is hostile and combative about even polite forks of the code. Signal is supposed to hide metadata, yet they still send contact lists to their servers for discovery and force the user to trust that the server isn't going to hang on to them for any appreciable amount of time (https://whispersystems.org/blog/contact-discovery/). Moxie states in multiple links above that there are plans to improve the situation for interoperability with users that feel that consent re: Google or OEMs is important, but has rebuffed all efforts from outside his organization to work with him on it.

Frankly, I think it's a recipe for continued shitty tech elitism (if not utter disaster) to have one crypto celeb's contradictory opinions on software and security create a stumbling block to improving secure communications adoption like this. It's clear from the above that Signal is a dead end in terms of technology, adoption, education, and democratic communication. Whatever Moxie (literally, one person at the top of a San Francisco company) decides is apparently what goes.

Bruce, I understand your pragmatism, and some degree of your respect for the work of WhisperSystems, but as a senior advisor or board member or whatever, you need to reel this guy in and hold him accountable.

At this point in time, I can only recommend people use something like Ring, Semaphor, or Conversations if they need something usable "at street level". Never Signal. There's just too much to lose.

TJ • December 30, 2016 7:33 PM

@boring middle ground: How does anything in your post cover the people who criticize it for not needing a sandbox escape to identify users?

It looks like you just address policy critics..

boring middle ground • December 30, 2016 7:40 PM

@TJ Sorry if I was a little clumsy there. I don't mean to assert that no other criticism of Signal is ineffective, just that most of the knee-jerk responses (like alleging that because OTF is an arm of Radio Free Asia (under USG State Dept), Signal is dangerous, or something) aren't helping anyone. Also, I wanted to bring to Bruce's attention that a lot of people who are moving forward from where Moxie has squatted aren't given attention because of the way this centralizing economy works.

DoxDoxDoxy • December 30, 2016 10:20 PM

Time to move consumer communications security forward and push for transparently secure communications that can't be totally unzipped and doxed via WikiLeaks from a single point security failure/loss. Let's take some action in the industry and legal space and get this fixed, not confuse consumers further.

a • December 30, 2016 11:21 PM

Every post about Signal brings a new collection of comments making baseless accusations of Signal being a government-run program, Signal being insecure, full of bugs, etc. All of these accusations are provably false, as others have pointed out.

It doesn't take a conspiracy theorist to see that it's quite likely that at least some of these comments with such obvious lies are being posted by government employees looking to discredit Signal in the eyes of those interested in security. Unfortunately for anyone willing to look into it, Signal is and has been proven again and again to without exaggeration be the most secure form of technological communication in world history.

I admit it, I'm a shameless fanboy, but it's well deserved praise and it's better than being a government troll.

TJ • December 30, 2016 11:28 PM

@boring middle ground: "I wanted to bring to Bruce's attention that a lot of people who are moving forward from where Moxie has squatted aren't given attention because of the way this centralizing economy works."

That's not economy.. That's psychology.. Nobody uses Signal because they need protection(maybe 0.1%'ish out of the current number). They use it because a lot of security-celebrities told them too and because they told them to they can use it as a conversation piece with others who typically follow the same person.. Kind of like how Apple and Kali Linux works..

You have about as much luck getting people to look in to Russian anti-rootkit developers or why "secure coding practices" never worked..

anti-troll • December 30, 2016 11:44 PM

@a:

All of these accusations are provably false, as others have pointed out.

"provably false" and "as others have pointed out"?

no one has as of yet proved anything false regarding that, just FYI.

but if it bothers you that these accusations are brought up, feel free to actually prove them false.

boring middle ground • December 31, 2016 1:58 AM

@TJ Yeah, you're right. And given that the so-called "popular support" for security is by and large on the level of uncritical slacktivism like that of @a over there, it's not going to improve anytime soon.

Imagine if recycling or personal/public hygiene took serious critical thinking to even recognize as a problem (true in the 20th and 18th centuries respectively), but also required a willingness to learn and skepticism. Most anti-privacy and pro-privacy types are both about at the intellectual level of anti-vaxxers these days (especially considering that there's somewhat of an analogue of "herd immunity" for surveillance).

Of course everyone who's particularly marginalized in any way is left out in the cold, and the world gets worse as a result. The edge of the center is picked up by profiteering and self-satisfaction, and the fringe stays the fringe, or gets broken off by power as usual.

I don't know how anyone manages to work on positive political projects in this area, considering how [profanity deleted by moderator] thankless it is.

NoName • January 2, 2017 2:51 AM

I need a software proxy (or VPN) with this traffic obfuscation similar to Signal's; I live in a state where the WWW is very controlled by the GOV. Sites like pr0n, LGBT activism, dissidence, Gmail (email providers) and services like P2P are on the blacklist, and proxies too. If anyone knows, please respond (NOTE: I don't create my own proxy/VPN because I have no paid methods on the internet).

C U Anon • January 2, 2017 4:00 AM

@NoName :

If anyone knows please respond

The reason it works with Google, is it does not do sufficient checking, as the original bug report to Google TechSup showed.

That method is open and available to anyone who chooses to avail themselves of the opportunity, as the bug report indicated.

With a little reading you could set up your own Google arrangement to do the same.

PeGe • January 3, 2017 3:16 AM

@RonK

Telex is the only anti-censorship approach I can think of that matches your description to some degree. It does however not involve checking some header field.


Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.