
Russia’s move to block Telegram another attack on online freedom of expression - DyslexicAtheist
https://www.amnesty.org/en/latest/news/2018/04/russia-move-to-block-telegram-the-latest-blow-in-government-assault-on-freedom-of-expression-online/
======
roryhughes
> Russia’s media watchdog to block the messaging app Telegram for its refusal
> to share users’ information with the government

Wondering if whatsapp is unblocked because it already is sharing users'
information?

~~~
y_molodtsov
The official version is that Telegram was used by terrorists who blew up the
metro in Saint Petersburg.

The real reason is more simple: it's mostly used by the small middle class,
people working in tech and business. The current laws in Russia were used to
block LinkedIn, but they didn't touch Facebook or Twitter — that would be too
much.

~~~
ktta
Wouldn't this move just make then move to WhatsApp and eventually beg the same
question as the parent comment?

~~~
y_molodtsov
It could be, but much more people use WhatsApp in Russia, people like my
parents who haven't noticed any laws against the free internet before. They
don't touch Signal or anything else as well.

------
mtgx
I'm not a fan of Telegram the app due to the fact that it doesn't enable end-
to-end encryption by default, but this is an interesting post by Durov, from
today:

> _The power that local governments have over IT corporations is based on
> money. At any given moment, a government can crash their stocks by
> threatening to block revenue streams from its markets and thus force these
> companies to do strange things (remember how last year Apple moved iCloud
> servers to China).

At Telegram, we have the luxury of not caring about revenue streams or ad
sales. Privacy is not for sale, and human rights should not be compromised out
of fear or greed._

[http://t.me/durov/76](http://t.me/durov/76)

Remember Telegram recently raised a whopping $1.7 billion from a coin
offering. It's also the reason I've been begging Signal to do something
similar for over a year now. Cryptocurrencies can provide the liquidity open
source projects need, and it can also help them stand against oppressive
governments.

[https://www.bloomberg.com/news/articles/2018-03-30/telegram-...](https://www.bloomberg.com/news/articles/2018-03-30/telegram-
raises-1-7-billion-in-coin-offering-may-seek-more)

~~~
r3bl
> It's also the reason I've been begging Signal to do something similar for
> over a year now.

Aren't they in the process of doing that with MobileCoin[0]?

I know the whitepaper is pretty sparse on information, but according to the
last paragraph in the whitepaper[1], it's designed to integrate with IM
platforms, and, according to the only tweet from their Twitter profile[2],
there is no ICO _at the time_.

[0] [https://www.mobilecoin.com/](https://www.mobilecoin.com/)

[1] [https://www.mobilecoin.com/whitepaper-
en.pdf](https://www.mobilecoin.com/whitepaper-en.pdf)

[2]
[https://twitter.com/mobilecoinone/status/960359924562739200](https://twitter.com/mobilecoinone/status/960359924562739200)

------
hnarn
The BBC stated 25 minutes ago (from this posting) that the block has started
to take effect.

>The Russian government has started to block messaging app Telegram, according
to reports from the local news agency Tass.

>Russia's media regulator had sought to block the app because the firm has
refused to hand over encryption keys used to scramble messages.

>Telegram had missed a deadline of 4 April to hand over the keys.

[http://www.bbc.com/news/technology-43752337](http://www.bbc.com/news/technology-43752337)

------
DmitryOlshansky
Not a single piece of interesting facts in the post. And Telegram still works
as of right now.

As the proverb goes: “Undue strictness of Russian laws was always compensated
by it being optional to follow them.”

~~~
y_molodtsov
The court order was issued a few hours ago, they will block it shortly.

~~~
csydas
I would question that. Rutracker is supposed to be blocked by order of
Roskomnadzor, but many isps here still are able to reach it. This happened
almost a year ago so it's not a matter of propagation, it's just poor or lack
of enforcement.

Telegram is also exceptionally popular here, so I have trouble believing it
will stick or do anything in the first place.

~~~
y_molodtsov
Well, it's blocked by all the ISPs I have in any place. Generally Telegram
will be blocked, and which is more imprortant, they will likely remove it from
the app stores in Russia.

~~~
amaccuish
Still unblocked for me, but got the VPN at the ready... Removal from the app
stores would be much more effective, at least on iOS.

------
seba_dos1
Just use XMPP already, we really don't need all this IM fragmentation again,
and as a bonus you won't be blocked.

~~~
leadingthenet
Why not something more modern, like Matrix?

~~~
Boulth
Because XMPP is modern too? Even Matrix' own FAQ [0] about that is full of
notes that "now XMPP does that too".

[0]: [https://matrix.org/docs/guides/faq.html#what-is-the-
differen...](https://matrix.org/docs/guides/faq.html#what-is-the-difference-
between-matrix-and-xmpp)

------
edhelas
Centralized, proprietary solution so easy to block. What did you expect?

~~~
ComodoHacker
Centralized =/= easy to block, let alone proprietary. They've said they were
preparing for that, so let's see.

------
chupasaurus
Telegram would be blocked in Russia by court decision made today at 8:33 UTC,
so this article is a bit outdated.

~~~
rqs
Well, at least Russian pretends they had court.

Go slightly south, there is other country that blocked Telegram long ago
without notify anybody.

~~~
golergka
[https://en.wikipedia.org/wiki/And_you_are_lynching_Negroes](https://en.wikipedia.org/wiki/And_you_are_lynching_Negroes)

~~~
simias
The USA is not "slightly south" of Russia

~~~
golergka
It's the same logical fallacy

------
TheForumTroll
I'm getting tired of all the Russia bashing. Sure Russia does a lot of bad
things but it smells a lot like someone wants everyone to look elsewhere.

Russia blocks Telegram while the US splits cables and installs snooping
devices between data-centers, use secret courts, monitors everyone, etc. Why
do we pretend Russia is such a problem when a lot worse stuff happens closer
at home every single day?

------
textor
I cannot imagine anyone here on HN arguing in good faith in favor of crackdown
on encrypted messenger "because terrorists". This is retarded and illiterate,
and the same goes for gun analogies. I get that many Americans are concerned
with gun violence, but at least here you ought to be able to try to not think
with your hindbrain, and instead consider whether your concern has any
relevance.

Normally that should be enough. Let me elaborate, though. First, there's
extremely little chance of uncovering any "terrorists" or any major criminals
by investigating the extant chats: competent lawbreakers delete incriminating
messages as soon as possible or communicate in secure chats to begin with, and
would do so especially if Telegram showed signs of cooperating with FSB. There
would, however, be a guaranteed influx of falsely accused. VK is a good
example: there are cases when people are incriminated for inciting hatred
because of something like a closed album with Nazi caricature memes, on the
grounds that "everything on VK is public"; there were multiple trials for
reposted messages. And so on. Most of this is simply due to some random asshat
spook trying to furter his career by hauling in a lot of "extremists" and
surpassing average "productivity". This is both inhumane and not economical.

More importantly, encryption is not analogous to guns because guns are hard to
manufacture and even harder to conceal, but software is different. You can
easily create your own encrypted messenger and nullify whatever efforts the
government is putting in suppressing current platforms. Signal Protocol is
open source, you know. Blocking Telegram would merely speed up the transfer of
terrorists to their own networks, and/or increase the popularity of platforms
which would not even shut down the channels with terroristic propaganda
(something Durov actually does).

There is no replacement to actual investigation, to fieldwork, to
international cooperation, to training of competent agents and infiltrators.
This is hard and risky, it's so much more easy to vantonly gather data,
threaten average citizens with your overreach and pretend to save the day.
Well, let me remind you that Boston bombing did not rely on any sort of
encryption. FBI received hints from FSB and interviewed Tamerlan way before
the event; Dzhokhar’s Facebook was insanely suspicious. They failed to notice
the threat. If the intelligence cannot successfully work with open information
like this, what more could they gain from Telegram?

------
justpasserby007
Oh, my. Just now I've seen second biggest federal news channel reporting on
the issue and... and advertising TamTam messenger (created less than 6 months
ago) or "even a better alternative" \-- ICQ, both of which, surprisingly, are
products of Mail.ru group.

That is __really weird__.

------
gingercoin
It seems that Telegram starts crowdsale ICO [http://crowdsale-
telegram.org](http://crowdsale-telegram.org)

~~~
slezyr
And registered their domain in Russia? They're smart...

Or scammers. Off cause it's scammers.

------
bjoli
Why hasn't Telegram implemented domain fronting? Did they really have so much
hubris that they thought this would never happen?

~~~
tptacek
Telegram hasn't even implemented proper end-to-end encryption; they still
actively advertise client-to-server encryption as a privacy feature. Domain
fronting is 10 years more advanced than their technology. Did you know they
can't E2E encrypt group conversations? A lot of people seem not to know that.

~~~
zzzcpan
As you can see having end-to-end or client-to-server encryption is irrelevant
to Russia. They suggested to implement a backdoor either way. Which they
absolutely can suggest to Whatsapp and Signal, since they are both centralized
too.

As I said before, end-to-end encryption in a centralized app is a joke and is
absolutely irrelevant for its threat model. But, whatever, security is a very
dirty industry.

~~~
tptacek
This is word salad. The point of end-to-end encryption is to provide
confidentiality to endpoints even when there's an untrusted relay; that's what
the "end" in E2E is.

~~~
zzzcpan
And your point is?

Let's go though this again. You still have to trust someone to implement E2E
encryption, guarantee said confidentiality and guarantee to keep it with each
update pf the app they provide, etc. It's absolutely the same as trusting them
to just not spy on you on their servers with client-to-server encryption. And
if they are forced to implement a backdoor, it doesn't matter whether they do
it on their servers or push an update to a supposedly secure app.

~~~
magic_quotes
> trusting them to just not spy on you on their servers with client-to-server
> encryption.

 _Everyone_ would eventually spy on you on their server. Either by voluntary
choice or being forced by some government entity. In this day and age it
doesn't even make sense to discuss any hypothetical situations where they are
not collecting (all of) your data.

> And if they are forced to implement a backdoor, it doesn't matter whether
> they do it on their servers or push an update to a supposedly secure app.

One of this things is not like the other. Remember, Signal-style e2e
encryption isn't concerned with individual safety that much, it's main aim is
the governmental mass surveillance. Server side data collection is, obviously,
completely transparent for the end user. Client side backdoor would be quite
inconvenient on that scale: the more it's used, the higher would be the chance
of discovery. Thus, presumably, it would be used less frivolously.

~~~
zzzcpan
You are making assumptions that are rather obviously false.

Every centralized app preserves an ability to eventually spy on you. End-to-
end encryption doesn't take it away.

If a government wants mass surveillance it either asks/coerces someone from
the company to implement a backdoor or blocks the app in the country pushing
people into mass surveillance friendly alternatives. So end-to-end encryption
cannot possibly protect from mass surveillance.

Client side backdoors obviously don't need to be pure client side either, only
revert back from end-to-end encryption to client-to-server encryption
preserving plausible deniability for the company. Possibly even leaving end-
to-end encryption in the app, just not enabled by default. Such change can
even be advertised as an improvement, like cross device chat history feature
or something.

~~~
magic_quotes
> Every centralized app preserves an ability to eventually spy on you. End-to-
> end encryption doesn't take it away.

Never said anything like that.

> If a government wants mass surveillance it either asks/coerces someone from
> the company to implement a backdoor or blocks the app in the country pushing
> people into mass surveillance friendly alternatives.

Yes.

> So end-to-end encryption cannot possibly protect from mass surveillance.

Are you arguing for mass surveillance friendly software? Decentralized
software? _What_ are you arguing? I'm completely lost there.

~~~
zzzcpan
I'm arguing that end-to-end encryption in a centralized app doesn't actually
do better with regards to any threat from its threat model as compared to
client-to-server encryption. It's sort of a fallacy, centralization cancels
out any benefits that end-to-end encryption is supposed to bring over client-
to-server encryption. So "but they have" or "don't have end-to-end encryption"
cannot be an argument.

------
ryanlol
This is a PR stunt for Telegram.

It’s not the first time Russia _pretends_ to fuck over the Durovs.

~~~
y_molodtsov
Can you unfold please? That still sounds as a conspiracy theory.

~~~
ryanlol
Telegram was developed in the VK offices in St. Petersburg and is deliberately
implemented in a manner which allows the operators to intercept the vast
majority of the chats on the platform.

Durovs have spent years pretending to live in exile from Russia, despite
regularly spending time in the country.

What exactly sounds like a conspiracy theory?

[https://twitter.com/ChristopherJM/status/910186197598838784](https://twitter.com/ChristopherJM/status/910186197598838784)
[https://twitter.com/Bershidsky/status/910169626989953024](https://twitter.com/Bershidsky/status/910169626989953024)

The theory that Telegram isn't controlled by Kremlin sounds far less credible
to me.

~~~
keldaris
> deliberately implemented in a manner which allows the operators to intercept
> the vast majority of the chats on the platform.

Could you elaborate on this please? Are you just referring to the fact that
the default settings don't enforce encryption or is there more to it?

~~~
rando444
I believe this person is referring to the fact that Telegram uses their own
encryption scheme instead of one of the more common standards.

In this scenario, while the encryption has never been broken, it is
theoretically possible that the creators designed the encryption in such a way
that knowing certain values would allow you to decrypt the communication.

This essentially allows the people that know the "secret" to be able to crack
the communication, while the users remain under the impression that everything
is private.

He's further suggesting that this "move to block telegram" is a stunt to try
and promote the idea that their encryption is not currently breakable (in a
bid to foster more adoption of the platform).

While there's no proof of any of this, personally I feel it's still within the
range of plausibility, and raises further questions about why they would
target only telegram and not other encrypted messengers ..

We don't know all of the details but it feels that there is more to this move
than what is being presented.

~~~
ryanlol
In Telegrams case there's no need to break any encryption, most chats simply
aren't encrypted (group chats cannot be).

Telegram is marketed as a secure encrypted messenger, but unlike other modern
encrypted messaging apps it requires the users to manually begin a "secret
chat". Very few Telegram users are actually aware of this fact.

Telegram also makes no attempt to conceal the metadata of the rare encrypted
conversations, compared to Signal which goes to significant lengths to ensure
that they can't even easily access their users contact lists.

~~~
reitanqild
> In Telegrams case there's no need to break any encryption, most chats simply
> aren't encrypted (group chats cannot be).

Chats, including group chats, are encrypted, just not end-to-end.

This works the same way as gmail and internet banking, and it means you have
to trust Google, your bank or Telegram.

Pretending it is wide open to anyone ("aren't encrypted") is misleading.

~~~
ryanlol
That's not what anybody means when speaking about encrypted messaging.
Referring to client-server encryption as encrypted messaging is misleading.

AIM, Facebook chat and Windows Live Messenger are all encrypted messengers by
that definition.

~~~
reitanqild
> That's not what anybody means when speaking about encrypted messaging.

Few people seems to know much.

> Referring to client-server encryption as encrypted messaging is misleading.

> AIM, Facebook chat and Windows Live Messenger are all encrypted messengers
> by that definition.

I can partly agree with you on that.

But the way you phrase it, people who don't know better might easily be misled
to think it is readable by anyone in between.

There are a few options between cleartext over telnet and the latest in
crypto.

------
tuyguntn
For Telegram haters, this means Telegram actually cares about your privacy
comparing to WhatsApp, Messenger and any other IM working in Russia without
problems. Anytime US government asks to share data, WhatsApp can provide it,
as they probably did in Russia (guessing of course)

~~~
r3bl
Ummm... there _is_ no encryption key for WhatsApp and Messenger to hand over.
That's what end-to-end encryption means.

Now WhatsApp _could_ theoretically push a malicious update, but there is no
way Signal could even theoretically hand over the encryption keys, because the
entire freaking point of their product is for them not to have a copy of those
keys.

Since Telegram _isn 't_ end-to-end encrypted (outside "secret chats"), they
_do_ have a private key that decrypts all the messages, since they only
encrypt in transit. Therefore, there is a private key to hand over to the
government.

~~~
oarsinsync
> Since Telegram isn't end-to-end encrypted they do have a private key that
> decrypts all the messages, since they only encrypt in transit

E2E encryption refers to transit encryption. The encryption is between two end
devices, rather than decrypted (and re-encrypted) between clients and servers.

It has no bearing on data stored at rest on the end device, and I have no idea
what either WhatsApp, Signal or Telegram does to the data at rest.

------
zpetrov
I'm from Russia. Let me be honest. I personally and many my friends do support
blocking Telegram.

We are full of this freedom-related bullshit. There is no freedom in the
Internet. Currently we share our private information with CIA. We don't like
it, but that's OK. Everybody still uses Facebook, Gmail, etc, etc. But when
Russian Federal Security Service whats to access user's private data,
everybody starts screaming. Shut up already.

~~~
MichaelMoser123
Really? They can put you in for a wrong repost, doesn't sound so swell.

~~~
zpetrov
Nope. In Russia you can post whatever you want as long as you don't cross the
law.

~~~
eukgoekoko
Nice try, lieutenant Petrov

[https://translate.google.com/translate?sl=ru&tl=en&js=y&prev...](https://translate.google.com/translate?sl=ru&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=https%3A%2F%2Fmeduza.io%2Ffeature%2F2016%2F03%2F21%2Freposty-
ot-politsii-layki-ot-fsb&edit-text=)

~~~
zpetrov
meduza.io? That's a silly anti-Russian site, which is sponsored by criminal
Khodorkovsky. Nice try.

[https://www.kp.ru/daily/26577/3593566/](https://www.kp.ru/daily/26577/3593566/)

