Russian Censorship of Telegram

Internet censors have a new strategy in their bid to block applications and websites: pressuring the large cloud providers that host them. These providers have concerns that are much broader than the targets of censorship efforts, so they have the choice of either standing up to the censors or capitulating in order to maximize their business. Today's Internet largely reflects the dominance of a handful of companies behind the cloud services, search engines and mobile platforms that underpin the technology landscape. This new centralization radically tips the balance between those who want to censor parts of the Internet and those trying to evade censorship. When the profitable answer is for a software giant to acquiesce to censors' demands, how long can Internet freedom last?

The recent battle between the Russian government and the Telegram messaging app illustrates one way this might play out. Russia has been trying to block Telegram since April, when a Moscow court banned it after the company refused to give Russian authorities access to user messages. Telegram, which is widely used in Russia, works on both iPhone and Android, and there are Windows and Mac desktop versions available. The app offers optional end-to-end encryption, meaning that all messages are encrypted on the sender's phone and decrypted on the receiver's phone; no part of the network can eavesdrop on the messages.

Since then, Telegram has been playing cat-and-mouse with the Russian telecom regulator Roskomnadzor by varying the IP address the app uses to communicate. Because Telegram isn't a fixed website, it doesn't need a fixed IP address. Telegram bought tens of thousands of IP addresses and has been quickly rotating through them, staying a step ahead of censors. Cleverly, this tactic is invisible to users. The app never sees the change, or the entire list of IP addresses, and the censor has no clear way to block them all.

A week after the court ban, Roskomnadzor countered with an unprecedented move of its own: blocking 19 million IP addresses, many on Amazon Web Services and Google Cloud. The collateral damage was widespread: The action inadvertently broke many other web services that use those platforms, and Roskomnadzor scaled back after it became clear that its action had affected services critical for Russian business. Even so, the censor is still blocking millions of IP addresses.

More recently, Russia has been pressuring Apple not to offer the Telegram app in its iPhone App Store. As of this writing, Apple has not complied, and the company has allowed Telegram to download a critical software update to iPhone users (after what the app's founder called a delay last month). Roskomnadzor could further pressure Apple, though, including by threatening to turn off its entire iPhone app business in Russia.

Telegram might seem a weird app for Russia to focus on. Those of us who work in security don't recommend the program, primarily because of the nature of its cryptographic protocols. In general, proprietary cryptography has numerous fatal security flaws. We generally recommend Signal for secure SMS messaging, or, if having that program on your computer is somehow incriminating, WhatsApp. (More than 1.5 billion people worldwide use WhatsApp.) What Telegram has going for it is that it works really well on lousy networks. That's why it is so popular in places like Iran and Afghanistan. (Iran is also trying to ban the app.)

What the Russian government doesn't like about Telegram is its anonymous broadcast feature­ -- channel capability and chats -- ­which makes it an effective platform for political debate and citizen journalism. The Russians might not like that Telegram is encrypted, but odds are good that they can simply break the encryption. Telegram's role in facilitating uncontrolled journalism is the real issue.

Iran attempts to block Telegram have been more successful than Russia's, less because Iran's censorship technology is more sophisticated but because Telegram is not willing to go as far to defend Iranian users. The reasons are not rooted in business decisions. Simply put, Telegram is a Russian product and the designers are more motivated to poke Russia in the eye. Pavel Durov, Telegram's founder, has pledged millions of dollars to help fight Russian censorship.

For the moment, Russia has lost. But this battle is far from over. Russia could easily come back with more targeted pressure on Google, Amazon and Apple. A year earlier, Zello used the same trick Telegram is using to evade Russian censors. Then, Roskomnadzor threatened to block all of Amazon Web Services and Google Cloud; and in that instance, both companies forced Zello to stop its IP-hopping censorship-evasion tactic.

Russia could also further develop its censorship infrastructure. If its capabilities were as finely honed as China's, it would be able to more effectively block Telegram from operating. Right now, Russia can block only specific IP addresses, which is too coarse a tool for this issue. Telegram's voice capabilities in Russia are significantly degraded, however, probably because high-capacity IP addresses are easier to block.

Whatever its current frustrations, Russia might well win in the long term. By demonstrating its willingness to suffer the temporary collateral damage of blocking major cloud providers, it prompted cloud providers to block another and more effective anti-censorship tactic, or at least accelerated the process. In April, Google and Amazon banned­ -- and technically blocked­ -- the practice of "domain fronting," a trick anti-censorship tools use to get around Internet censors by pretending to be other kinds of traffic. Developers would use popular websites as a proxy, routing traffic to their own servers through another website­ -- in this case Google.com­ -- to fool censors into believing the traffic was intended for Google.com. The anonymous web-browsing tool Tor has used domain fronting since 2014. Signal, since 2016. Eliminating the capability is a boon to censors worldwide.

Tech giants have gotten embroiled in censorship battles for years. Sometimes they fight and sometimes they fold, but until now there have always been options. What this particular fight highlights is that Internet freedom is increasingly in the hands of the world's largest Internet companies. And while freedom may have its advocates -- ­the American Civil Liberties Union has tweeted its support for those companies, and some 12,000 people in Moscow protested against the Telegram ban­ -- actions such as disallowing domain fronting illustrate that getting the big tech companies to sacrifice their near-term commercial interests will be an uphill battle. Apple has already removed anti-censorship apps from its Chinese app store.

In 1993, John Gilmore famously said that "The Internet interprets censorship as damage and routes around it." That was technically true when he said it but only because the routing structure of the Internet was so distributed. As centralization increases, the Internet loses that robustness, and censorship by governments and companies becomes easier.

This essay previously appeared on Lawfare.com.

Posted on June 13, 2018 at 6:55 AM • 36 Comments

Comments

asdfJune 13, 2018 8:48 AM

Sadly GitHub, a company that boldly stood up against censorship despite incurring financial costs from nation state reprisals, that was recently acquired by a tech corporation.

zipJune 13, 2018 8:57 AM

Nice writing. A couple of points though.

What is Telegram's business model? It claims to have none, yet it has the same type of information available as Facebook has over Facebook Messenger users: Most users use TLS-encrypted messaging because E2EE is such a hassle and doesn't even work cross-platform. The point is, Telegram developers can in overwhelming majority of cases read peoples' messages. I understand the censorship of crappy such security product deserves equal amount of attention and defense as e.g. Signal would: that's how precedents get made.

Everyone should know Durov better:

In 2005, Pavel completed his training at the Faculty of Military Studies of St. Petersburg State University with a specialization in Propaganda and Psychological Warfare. While training with the Faculty of Military Studies, he served as Platoon Commander of the Philology Department. Upon completion, he was awarded the title of Lieutenant of the Reserve Force.

[1] http://www.webcitation.org/6Bs5Y8Y5I

The http://telegra.ph/Why-Isnt-Telegram-End-to-End-Encrypted-by-Default-08-14 is full of misleading notions and whataboutism. It's sad really. Stay away from the app for anything you don't want the world to know.

Sok PuppetteJune 13, 2018 9:14 AM

As centralization increases, the Internet loses that robustness, and censorship by governments and companies becomes easier.

You, and way too many other people, write like that's a done deal and can't be reversed.

There are tons of projects to redecentralize, but they tend to have trouble reaching critical mass. Part of that is because there are so many of them and they compete with each other. Part of it is that not enough people are really feeling the push to move yet. Part of it is that a lot of the tools are immature and not very newb-friendly (although the people who think decentralization is intrinsically unusable are wrong).

But part of it is because of a prevailing defeatist atmosphere to which you are contributing.

Why not at least mention things like IPFS, Maidsafe, Briar, things layered on I2P (Syndie, Bote), things layered on GNUnet, etc, etc. The stuff that's listed at http://redecentralize.github.io/alternative-internet/ ?

WarrenJune 13, 2018 9:26 AM

It would be amusing to see Russia simultaneously block the Google Play Store, Amazon App Store, etc for Android apps - wonder how long such a "ban" would last?

Would they start their own app stoe for Android apps?

Who?June 13, 2018 11:16 AM

Bruce wrote:

Telegram might seem a weird app for Russia to focus on. Those of us who work in security don't recommend the program, primarily because of the nature of its cryptographic protocols. In general, proprietary cryptography has numerous fatal security flaws. We generally recommend Signal for secure SMS messaging, or, if having that program on your computer is somehow incriminating, WhatsApp. (More than 1.5 billion people worldwide use WhatsApp.) What Telegram has going for it is that it works really well on lousy networks.

If I were an intelligence agency, make noise on vulnerable services would be a good strategy. Now Telegram may become more popular amongst people that are not true security experts but need privacy to evade a government. They will read news about Russian government trying to block it and they will think "it must be secure."

The number of people using a service like WhatsApp is by no means an indicator of its quality or fitness for a purpose. The most popular operating systems are Windows, in any of its phone-like incarnations, MacOS and Linux. No one of these operating systems would be my choice for security or even stability.

Who?June 13, 2018 11:31 AM

Governments, and their intelligence agencies, are worried about:

  1. Cryptography that cannot be easily broken;
  2. services that allow reaching a large audience or are too distributed as to be easily controlled (e.g. to quickly and effectively remove some content); and,
  3. services that support some sort of anonymity.

Internet must become a decentralized network based on open standards again. Hope it is not too late.

dvvJune 13, 2018 11:45 AM

Ironically enough, the distributed nature of the Internet works best for DDoS attacks now. And this situation only further promotes the centralization of the Internet: there's no chance for a little guy to withstand a proper DDoS attack — unless said guy has enough money for and/or goodwill from the likes of Cloudflare or Google.

mngrJune 13, 2018 12:21 PM

@Who?

"The most popular operating systems are Windows, in any of its phone-like incarnations, MacOS and Linux. No one of these operating systems would be my choice for security or even stability."

What do you consider a stable or secure system?

MarkHJune 13, 2018 1:26 PM

Bruce forgot to mention, that Russia is always the Poor Innocent Victim of the Cruel Wicked West, and that the IP blocking is undoubtedly a CIA false-flag operation intended to discredit Poor Innocent Russia and to justify further Cruel Wicked Aggression.

There, fixed it.

HumdeeJune 13, 2018 2:55 PM

@Bruce writes, "That was technically true when he said it but only because the routing structure of the Internet was so distributed. As centralization increases, the Internet loses that robustness, and censorship by governments and companies becomes easier."

This is one of those half-truths. It is not as if the fundamental infrastructure of the internet has changed but rather the top level has been co-opted making the ability of the little guy to leverage the distributed nature of the internet more expensive. As someone has pointed out already, ddos attacks would not work if the internet had truly become centralized; what has become centralized is the value-added services that people have become accustomed to and don't want to live without. Maybe we should called this phenomenon as "tech giant dependency" in the same way that some in the third world like to talk about "first world dependency".

https://en.wikipedia.org/wiki/Dependency_theory

Who?June 13, 2018 3:34 PM

@ mngr

For general purpose computing my choice is any good BSD (Free/Net/OpenBSD). For security OpenBSD, but I will probably look at seL4 too.

Bruce SchneierJune 13, 2018 8:23 PM

@ Sok Puppette

"'As centralization increases, the Internet loses that robustness, and censorship by governments and companies becomes easier.' You, and way too many other people, write like that's a done deal and can't be reversed."

I didn't mean to write that way. I don't think it can't be reversed.

Apologies.

65535June 13, 2018 9:26 PM

Bruce S. makes a good point about the centralization of the internet which is the exact opposite of the original purpose of the internet.

“John Gilmore famously said that "The Internet interprets censorship as damage and routes around it." That was technically true when he said it but only because the routing structure of the Internet was so distributed. As centralization increases, the Internet loses that robustness, and censorship by governments…becomes easier.”-Bruce S.

Because large internet companies were funded by data mining users digital conversations and selling them we run into a dichotomy.

This is where large companies built upon data mining such as Google are used as shields such as “domain fronting’ to enhance privacy of certain messaging apps such as Telegram Russian censorship.

Next, I wonder if Google and Apple are really helping privacy or just causing the data to flow through their systems to gain a firmer grip on the data mining game.

It seems as Apple has crumbled to demands of China for removing privacy enhancing VPNs from Chinese based sales regions. Will Google do the same with domain fronting?

Bruce links to egadget to show how Telegram owner Durov is fighting the Kremlin to keep Telegram working and working on Apple devices in Russia.

“If you're wondering why Telegram hasn't updated its iOS app in two months, there's a clear reason for that, according to founder and CEO Pavel Durov. He says Apple blocked Telegram from issuing updates after Russia ordered the app's removal from the App Store last month.”- egadget

Oddly, egadget mentions a situation where Instapaper is temporarily dropping out of the EU because of non-compliance with GDPR rules:

“Telegram could follow Instapaper and other services by temporarily suspending service in the EU until it can resolve the matter.”-egadget

https://www.engadget.com/2018/05/31/apple-telegram-ios-app-russia-app-store/

If we follow the egadget links to the Instapaper situation we find Instapaper cannot comply with GDPR because of its privacy policy which indicates it sells it user’s data to about anybody.

https://www.engadget.com/2018/05/24/instapaper-temporarily-shuts-down-europe-gdpr/

The egadget link also links to instapaper’s term’s of privacy which seem to be leaking user's data rapidly:

“Instapaper also collects and stores information automatically and through the use of electronic tools that may be transparent to our visitors. For example, we may log the name of your Internet Service Provider, your IP address, and information provided by and about your Internet browser. As we adopt additional technology, we may also gather similar information through other means… We may also use "cookie" technology. Among other things, we may use cookies or other tracking technology for the purposes of storing your username and password hash to spare you from having to re-enter that information each time you visit… We use non-identifying and aggregate information to better design Instapaper, to suggest popular content to users, and to share with advertisers and publishers. For example: We may tell an advertiser or publisher that X number of people visited a certain area on our website… Instapaper contains social and sharing functionality, including: Others can view your most recent Starred articles if they know your username. Others can view your Unread, Archive, Starred, or folder contents if you reveal or share their associated RSS-feed URLs. External Services… External services beyond Instapaper's control are integrated with Instapaper where necessary, such as for advertising, and Localytics, Chartbeat & Google Analytics for traffic measurement and tracking… Deleting Information… You can delete your entire Instapaper account at any time at ... If you delete your account, all account information and saved page data is deleted from the Instapaper service immediately. Due to the nature of backups and logs, deleted data may persist in backups and logs until they are deleted.” -Instapaper Terms of privacy

https://www.instapaper.com/privacy

At the end of the long terms of privacy, even if you delete your data the data remains in logs until deleted - if ever. This would seem to violate GDPR. Also, note Instatapaper trades data with Google.

In short, the little data collectors are selling to the bigger data collectors to be sold to just about anyone. The result is Google’s grip gets tighter the more data it collects.

Is this just a big race to see who can collect the most data from users the fastest?

Next, poster zip notes Telegrams owner is a product of the military state:

“Everyone should know Durov better: In 2005, Pavel completed his training at the Faculty of Military Studies of St. Petersburg State University with a specialization in Propaganda and Psychological Warfare. While training with the Faculty of Military Studies, he served as Platoon Commander of the Philology Department. Upon completion, he was awarded the title of Lieutenant of the Reserve Force. [1] http://www.webcitation.org/6Bs5Y8Y5I “-zip

This maybe true and Telegram is a leaky system that may or may not provide data directly to the Kremlin. What is Telegrams true business model?

In summary, it is true that Google, Apple, Telegram and others provide a façade of keeping people’s data somewhat private such as Google’s help in domain fronting and Apple’s yet to be release of a new OS with better privacy protections.

But, is the real propose of Google, Apple and Telegram just to consolidate their position in the data mining business with a clever “privacy enhancing” items for its customers?

Then as Apple has done in China, reverse their stance and let censorship in occur for added profits.

Bruce S. is right true decentralization of the internet is need. We don’t need more clever internet gadgets scams which con-game us into thinking we are secure buying them when they are not secure.

WinterJune 14, 2018 12:28 AM

"Instapaper Terms of privacy

https://www.instapaper.com/privacy

At the end of the long terms of privacy, even if you delete your data the data remains in logs until deleted - if ever. This would seem to violate GDPR. Also, note Instatapaper trades data with Google. "

Indeed it is. Instapaper has (temporally) shut down its European operation.
https://techcrunch.com/2018/05/24/instapaper-on-pause-in-europe-to-fix-gdpr-compliance-issue/

Looks like the GDPR is doing at least some of the things it is supposed to do.


Also, the latest XKCD is on target:
https://xkcd.com/2006/

Steve37June 14, 2018 2:45 AM

It is well known that the whatsapp ecosystem is completely broken regarding security


How Did the FBI Access Paul Manafort’s Encrypted Messages?

https://slate.com/technology/2018/06/paul-manafort-how-did-fbi-access-whatsapp-messages.html

Special counsel Robert Mueller's team is requesting that witnesses turn in their personal phones to inspect their encrypted messaging programs

https://www.cnbc.com/2018/06/06/mueller-team-zeroes-in-on-encrypted-apps-as-witness-turn-in-phones.html

Sean Hannity suggests Mueller witnesses 'bash their phones to pieces'

https://www.theguardian.com/us-news/2018/jun/07/sean-hannity-mueller-witnesses-bash-phones


SO JUST USE TELEGRAM !

Clive RobinsonJune 14, 2018 3:35 AM

@ 65535,

Bruce S. is right true decentralization of the internet is need. We don’t need more clever internet gadgets scams which con-game us into thinking we are secure buying them when they are not secure.

There is no easy way to "decentralise" a large data network once it has centralised. Unfortunately all large data networks naturally centralise due to the simple rules of economics.

It's why the "All Roads Lead to Rome" or "wheel, spokes and hub" models arise. You see this with transportation networks including those of ships and aircraft.

Unfortunately for many people the modern Rome of the Internet is in the USA with it's distinct lack of privacy protection, and over inquisitive entities with "collect it all" mentality. But other major nodes all fall into Extended Five-Eye territory for historical economic reasons. Which combined gives rise to a level of monitoring that is difficult to defend against in civilian networks.

It's been clear for some years now that the USG along with the "Big Tech" companies will fight tooth and nail to try to keep things that way, as will the extended Five-Eyes for their own "Data Snooping" reasons, as Doha 2014 ITU event showed (but was largely ignored by people who realy realy should have known better).

What @Bruce has not mentioned is that funny little word "fragility"... As systems become more centralized they loose redundancy and thus become "fragile". Even simple "critical path analysis" shows where a "small device" or as is more likely these days "mini-sub" can cause all manner of problems (which might be one reason Divetechno just got sanctions listed by the US Treasury).

The next non-proxie war that major powers fight is likely to involve the data networks big time but possibly just for a few seconds, especially with a premtive strike from the center or main nodes.

In practice though it will realy start with a slow information build up of "faux-news" and "APT-code" deployment (as is currently happening). Followed by the very rapid exchange, not unlike that of High Frequency Trading, which will last a very short period of time and will in effect set who has the digital high ground.

As I've mentioned before the more dependent a nation is on high tech the more vulnerable they are to attack by high tech (as demonstrated by 9/11). But if such a nation alows it's high tech to become fragile then even very low tech attacks will work. It's why rodents teeth are by far the leader in bringing the Internet crashing down currently. Currently few if any nations are taking Internet "Defense" very seriously whilst others strangely have decided a first strike policy of "attack with no defence" is the way to go. The reasons for this outside the national entities is a matter of speculation but is very worrying. Thus defence against nation state attack is not nation-v-nation but the individual on their own. Under such overwhelming odds it is unwise to be connected to the outside world except for minimal necessary communications.

The Obama advertised "Internet Kill Switch" to disconect the US from the rest of the world as a defensive measure might give a sound bite but is a joke otherwise. Because it will not protect the US or any other nation in the slightest. This is due to APT-code having in built "attack payloads" that will recognise if the kill switch has been activated and wreak Cyber-Doomsday devices from the inside. The only way it could ever work is if you can guarantee 100% there is no APT-code inside that has a payload and detection system. Which as we know is not possible...

But it's not as though we are not aware of this. Back in the cold war, Russian Scientists proposed a nuclear Doomsday device using multiple Tsar Bomb devices in a converted oil tanker sailing in shallow waters. The Russian leader of the time recognised the issues and thus vetoed the idea. But we know from this that Russia is well aware of the Doomsday device concept so will almost certainly be aware of the capability if included in APT-code. Likewise any other nation that has even minimally studied the cold war nuclear history.

As I've pointed out a few times you need to segregate your systems such that your security end point is beyond your communications end point, and with modern electronics being the way they are certainly not on the same devices, without lots of precautions way beyond most mortals and deities.

Sancho_PJune 14, 2018 4:47 AM

@Bruce, Sok Puppette, RE: Centralizing the Internet

You guys seem to mean „centralizing“ as a technical issue, so there would be a technical mitigation feasible.
But I don‘t think so, as it is not a technical issue.

Yes, centralizing is also done technically (bigger servers, nodes, ...),
but the crucial part is done in centralizing the business structure:
Less and less entities run the Net, and corporate business runs the world.

Monopoly is the end of choice and freedom, and there is no way back,
because there is no political will to hamper business, on the contrary.
They know it is too late.

Nature will strike back, though.

Sancho_PJune 14, 2018 4:53 AM

@dvv, Humdee, RE: Centralizing the Internet and DDoS

I think DDoS is only possible because of (any) centralisation + insolence.
My router, regardless how riddled by malware, can not do any harm to any hosting service.
It is my ISP by bundling 11723 of it’s customer‘s routers (part of the botnet) and hammering the very same (DDoS) request out through it‘s big pipe.
Because 257 ISPs do the very same it makes the innocent request a dangerous tool.

So centralisation powered by insolence („we are not reliable so we don‘t care, on the contrary, we‘ll also sell some form of protection against DDoS to our valid customers“) are the cause.

Sancho_PJune 14, 2018 4:57 AM

@Winter, RE: XKDC link

Why does it remind me to entering the US and the CBP agent asking for my social media handles and accounts?

Only that in capitalism I‘d set the prize of my data, not the officer :-)

Clive RobinsonJune 14, 2018 9:06 AM

@ Sancho_P,

You guys seem to mean „centralizing“ as a technical issue, so there would be a technical mitigation feasible.

It's not actually a business issue either it's a little more basic than that. As I noted above it occurs as an economic issue, but that is bassed on something a little more fundemental still. That is underneath it all is the basic idea of the lowest cost / efficiency metric.

That is mostly it is one of two basic drivers that make the choice of which node to connect to. The first is lowest cost option that meets the envisioned capcity. The second is specifically on that meets the best technical measure of importance. Either way it's about efficiency and it's economic effects.

BabakJune 14, 2018 12:13 PM

Maybe it is a show to fool people to use it more. Who knows that Telegram has connection with Russian government or not!
I am an Iranian. The only reason that it is popular in Iran is for its features.
You can upload files up to 1.5 GB.

BabakJune 14, 2018 12:22 PM

Also I have heard that IRGC (terrorist organization) has guided Iranian to telegram like a Border Collie Dog.

Babak

Ross SniderJune 14, 2018 6:11 PM

This general trend of American and foreign governments to censor, surveil, and propagandize domestic populations with new media technologies will be a centerpoint to the technology for decades to come.

Famously, Julius Caesar outlawed paper because it was too easy for spies and conspirators to use it for malicious purposes. Later, the FBI and CIA backdoored printer companies to install tracking data into all commercially available paper technology. That battle has lasted 3000 years and is still ongoing.

We'd fool ourselves to think these things were resolved by the "crypto wars".

Sancho_PJune 15, 2018 4:33 AM

@Clive Robinson

When I understand correctly, you are focussing on the technical side, too.
I do not deny technical centralizing, but it would not change the world.

To ban Telegram (or any other app, protocol, server, device, opinion, free speech) is not up to the (basically agnostic) technics, but to state + company policy.

When e.g. facecrook deems it „inappropriate“ then your outing will vanish, or your zwitscher account will be deleted, your new app will be never found at kookle, your secure cryptor will not be sold by armagon, and so on.

Single entities of corporate businesses, hand in hand with our corrupt regimes, will shape our future in a very subtile manner.

There is no one willing to stand up for liberty, let alone our canoe.

TatütataJune 15, 2018 11:49 AM

What is Telegram's business model?

That question applies to any "privacy" oriented company's business model... E.g.: DuckDuckGo, which is aggressively pushed by some browsers.

The Kremlin's boys should perhaps use some of that privacy technology themselves. The videos placed online by the Dutch board of inquiry into the shooting down of flight MH17 feature plenty of intercepted phone calls. Is it really possible that the "Russian" Buk crew simply used the Ukrainian cellular network to phone home, and just used allusive language without any further precaution? (OK, OK, it's all a brazen fabrication of anti-Soviet^W Russian propagandists).

65535June 15, 2018 9:44 PM

“There is no easy way to "decentralise" a large data network once it has centralised. Unfortunately all large data networks naturally centralise due to the simple rules of economics. It's why the "All Roads Lead to Rome" or "wheel, spokes and hub" models arise…Obama advertised "Internet Kill Switch" to disconect the US from the rest of the world as a defensive measure might give a sound bite but is a joke… Russian Scientists proposed a nuclear Doomsday device using multiple Tsar Bomb devices in a converted oil tanker sailing in shallow waters…we know from this that Russia is well aware of the Doomsday device concept so will almost certainly be aware of the capability if included in APT-code…I've pointed out a few times you need to segregate your systems such that your security end point is beyond your communications end point, and with modern electronics being the way they are certainly not on the same devices, without lots of precautions way beyond most mortals and deities.”-Clive Robinson

That was a depressing post and rather defeatist. I think Bruce S. wants to encourage people or at least try to encourage people to push for more decentralized and safer communications.

Free speech is in the USA Constitution and should be allowed. And hopefully this free speech should be free of eves dropping. This is not going to be easy. Nobody said it would be.

Segregation of digital devices from the internet for the average Jane/Joe citizen maybe cost probative and maybe “beyond most mortal and deities” but we should still strive toward some solution.

Most people are not rich or technically trained. Most people are not like Clive R with data-diodes, bread boards, Raspberry Pi devices, and other complex equipment at hand.

The solution maybe multifaceted where technical, legal, and economic and/or non-profit people come together and generate a solution. Giving up is not a solution.

Clive RobinsonJune 16, 2018 1:59 AM

@ 65535,

That was a depressing post and rather defeatist.

Yes it was depressing because it was an outline of the reality left after you start to strip the "sugar coating" away.

But it was not intended in any way to be defeatist.

In general you have to understand the causes and reasons of a broken device or system before you can reliably fix it.

The ITSec playing space is full of people looking for quick or easy fixes nearly all offered turn out to be less effective than putting a sticking plaster on a broken leg etc.

That is the real depressing fact as well as being the major impediment to more sufficient privacy for individuals.

In general as you are aware I actually try to be proactive and provide information that people can use to their benifit, including how to build their own SCIFs etc.

However a SCIF even a proffessional one approved by the NSA for the highest levels of secrecy is of absolutly no use if the use of a consumer device enables it to be trivialy defeated via an end run attack.

As our host @Bruce has pointed out ITSec like anything else is only as strong as the weakest link.

If the consumer market is such that it is in effect rigged to be the weakest link then that is where we have to start resolving things.

Free marketer's will argue that the market reflects the wishes of the consumer, but as both you and I know that is a load of bovine fertilizer. People buy what is made available by marketer led manufacturing. Thus all that is available realisticaly is products that the marketers hopes will boost their bonus. This is usually a "lowest common denominator" product with a little guilding and market spin. A process more often refered to as "Putting lipstick on a pig".

Thus the market will not move in the direction of security and even niche markets will die. Due to production differentials and 'product one' cost amortization making such devices five to ten times as expensive.

Thus something has to change. You could argue that Apple's premium priced products sell because of their security features. But a marketer not in Apple will ignore you and instead talk about "premium experience" due to what you would probably call "bells and whistles" features or fanboisum.

Thus the only option currently available to users to increase their security is "mitigation" of existing market products.

Sadly all forms of mitigation have costs attached be they financial, effort, convenience or other resource. All you can do is try to find a solution where the costs are acceptable to the group of individuals trying to communicate securely.

For a group of just two individuals the use of "One Time" codes and ciphers is probably the lowest cost financially, provided they can accept in return the increase in effort and skill set required for effective OpSec and KeyMan.

However most users will not be prepared to put in what is required for effective OpSec and KeyMan. Worse the issues of One Time codes and ciphers KeyMan does not scale well with group size.

Thus other mitigations have to be considered. One of which is to have two segregated systems, which is relatively cheap financialy and with a little care can be implemented in a way that requires minimal extra effort or knowledge from users, as I've indicated in the past. You don't need complex and sometimes way way over priced data diodes, just a relatively cheap printer and scanner and appropriate software.

I've even pointed out how fairly cheap and readily easily available digital audio fiber optic systems bassed on TOSLINK can be repurposed to act as normal Data Diodes.

If other people have ideas about other mitigations I'm more than happy to look at them. However the one rule that can not be broken is that of the locations of the security and communications end points and how you stop end run attacks on the security end point.

It is these rules that these so called secure message apps break and thus give the user a totally false sense of security. They are without doubt "snake oil" catagory products and there is no getting around that fact.

Worse such products can and are used to demonstrate "criminal intent" by prosecutors to deny defendents rights, as the latest twist in the Special Prosecuter case against the US Presidents previous associates demonstrates with the "revoking of bail due to foldering and WhatsApp usage" (from what I can gather no real evidence that foldering etc was used for what the prosecutors claim has been brought forward for our scrutiny). It's all part of the "plee barganing" game of doubling down on those who refuse to roll over when told to by US prosecutors.

OlegJune 16, 2018 3:44 PM

Everytime Russia fights against ISIS folk who bomb in Saint Petersburg subway - western media call it "to censor jurnalists". One should take into the account that from the end of soviet era Russian journalism culture did not become like journalism culture in the US or in Switzerland. Here in russia we do not have even the culture of real journalist investigations. We have no free media here neither (in sence of being able to fund itself well). So when all the rest world suddenly begins to take care of censorship the only thing to wish to you is to have the same journalists you wholeheartedly protect.
Of course it is much harder to delve into the history of russian journalism than to consume more simple, black and wight propaganda.

Telegram MessengerJune 17, 2018 7:53 AM

@Bruce
"but odds are good that they can simply break the encryption" ????

VJune 17, 2018 12:11 PM

Hello.

A link to medium blog (https://medium.freecodecamp.org/why-i-asked-my-friends-to-stop-using-whatsapp-and-telegram-e93346b3c1f0) currently references a paper (http://cs.au.dk/~jakjak/master-thesis.pdf) regarding MTProto. Is it still relevant? I mean, there is second MTProto version (https://core.telegram.org/mtproto), which mitigates some of those issues (like using SHA-1, all differences are here https://core.telegram.org/mtproto/description).

Also it sounds very strange: ... optional end-to-end encryption [...]. So if it's not enabled, then messages are sent as plaintext over the network?

MarkHJune 17, 2018 4:40 PM

@Oleg:

It seems to me, that Russian journalism was doing quite well in the years from the end of the USSR to the election of V V Putin.

MattJune 17, 2018 9:04 PM

@Clive in particular

Curious to hear your thoughts on what effect home-based 3d printing will have on this. Will it make widespread use of mesh networks easier for example as people print hardware at home?

Driveby IdealogueJune 18, 2018 1:43 AM

what if everyone ran their own messaging server from home like Hillary Clinton did? Would the internet explode?

Seriously though, if you want to analyze this situation, defining how an atomic amount of 'free speech' happens on the internet is wise. The widespread impediments to ordinary people operating their own server from home seems like the obvious issue here. So obvious and yet so absent from discussion that it makes one wonder about orwellian unthink.

As far as the big picture goes, it seems clear enough to me- if you are prohibited from operating your own FOSS messaging server from home (or your mobile phone or wherever you happen to be using 'the internet'), then you are being denied Real Free Speech. As we all basically are.

I mean seriously Mr. Schneier-

Internet censors have a new strategy in their bid to block applications and websites: pressuring the large cloud providers that host them.

You can type that with a straight face? I doubt it. People with censoring intent have been achieving their goals by pressuring the cloud^H^H^H^H^Hserver provider for the entire practical history of the internet. To call this a 'new' strategy strikes me as dishonest.

Clive RobinsonJune 18, 2018 2:04 PM

@ Matt,

Curious to hear your thoughts on what effect home-based 3d printing will have on this.

That is both easy and dificult to answer...

The easy answer is that the introduction of laser printers had a significant effect to not just the conventional print media but knocked on down the whole publishing chain. Thus we could expect similar results as to the replacment of light weight composit mechanical devices currently used in just about everything.

The hard answer is that the laser printer moved fairly rapidly into more areas than just printed media. This was mainly unexpected to most thus it was in effect a disruptive technology in those areas. The laser spawned other technologies such as inkjets that likewise moved into other areas and became disruptive technologies. At the very least they have made "Rapid CAD" possible.

I use both laser and inkjet technologies to make printed circuit boards and other electronic sub assemblies. Others I know use them to make etched foils for all sorts of mechanical items including the likes of specialised gaskets, the list is long, some 2D parts easily become 3D parts and the likes of model makers have become adept at building up such objects, kind of like custom Mechano.

You could look at 3D printing as being a logical follow on from inkjet printers, but the extra dimension adds a very significant increase of possibilities very few of which have been thought of yet.

All I can say realy is the ride is at the very least be interesting, but also I suspect fairly frenetic, so "hang on to your hat".

65535June 19, 2018 12:30 AM

@ Clive Robinson

I agree there is a lot of snake oil security products out there. Those products should be avoided. OPSEC is necessary and if one has the ability building an air gapped and energy gapped network that would be good. Yes, I understand security is not easy. I wish people were more pro-active in creating secure solutions.

@ Driveby Idealogue

“The widespread impediments to ordinary people operating their own server from home seems like the obvious issue here… it seems clear enough to me- if you are prohibited from operating your own FOSS messaging server from home (or your mobile phone or wherever you happen to be using 'the internet'), then you are being denied Real Free Speech.”

It can be done with some know-how and some hard work. There actually are people who do run their own systems from their home and get by well.

Somewhere around the Snowden revelations I did a quick survey of customers who actually ran servers from their home somewhat like Hillary Clinton and found a few who did but they also were fairly tech savvy and they tight lipped out their rigs.

It can be done but its not super easy and usually requires dynamic DNS and knowledge about Email servers and port 25 blocking. DDoS attacks and OPSEC.

[Part of 65535’s post in 2014 about port 25 blocking and home email servers]

“...The two customers I found both used Micros@ft Servers with Exch@nge and a dynamic IP with a “No-IP” type of DNS service. Their email servers do work – but both are using SSL/TLS only over standard ports.

“To maintain confidentiality for the customers I can only say one client uses a deprecated SBS 2003 with exchange over 443 and RWW ports [remote web workplace]. And, doesn’t use a mail forwarding service [Active Directory, DNS with A records – I did not ask about reverse look-up records].

“The individual's email recipients must a Pro version of Micros@ft client OS and accept the self-signed certificate, join his “domain” or be in his AD database [and accept the related security template for AD]. I assume the recipients reach the server by port 80 then go to port 443.

“The other client was more reserved in commenting. This individual uses Server 2008 and Exchange 2007 [with AD or directory services, DNS and so on]. This individual does use an email forwarder and “No-IP” style of dynamic DNS update via router [I forgot to ask about the certificate – probably has small group email base].

“I would guess very few people have access and an old SBS 2003 [or newer Server 2008 server with Exchange] plus the skills to make it work..”

https://www.schneier.com/blog/archives/2014/11/isps_blocking_t.html#c6682858

These people had an understanding of Microsoft products routing, DNS, SSL/TLS, avoiding DDoS attacks and a small number of trusted users and some of the users had to accept self-signed certificates. I assume it was more of a business thing than a wide open service like say Proton mail.

I also got the idea these owners of home email servers put in a lot of work and didn’t want to talk too much about their equipment.

Yes, home servers can be done but they are not easy to setup and run. I would also guess these email servers could draw attention from The Powers To Be and the less said about it the better.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.