Hacker News new | past | comments | ask | show | jobs | submit login
Help users in Iran reconnect to Signal (signal.org)
1171 points by arkadiyt 26 days ago | hide | past | favorite | 388 comments

Hi, from Iran with love!

First of all, thank you moxie and signal team for this proxy.

Until 2018, many Iranians used telegram but Iran's regime after Russia blocked this messenger. telegram released mtproxy and this proxy was helpful. Russia lifted the ban on telegram but this app is still blocked on my country. but with VPNs, many iranians still use this app. after 2018, second most popular messaging app in iran was whatsapp, until facebook's new privacy policy, like all of you, many iranians switch from whatsapp to signal. mullah's regime removed signal app from the iranian app stores and started blocking all signal traffic in the country, but they don't block whatsapp. I'm not a paranoid but it is difficult to understand for me why they didn't block whatsapp after 2018? can they break whatsapp encryption?

I have a suggestion for signal team: please put tor in the signal, tor is better than any proxys or vpns.

I just set up one of these Signal proxies. Hope it helps you and others in your country communicate freely and safely. [1]

Regarding Tor: if you want a Signal-like app that uses an onion router look at Session. [2]

It uses the same encryption protocol and very similar UI to Signal but routes all traffic through the Loki network so your traffic passes through three nodes. It is an onion network like Tor.

One other benefit of Session is the lack of metadata inherent to its design. No phone numbers or even usernames are attached to your account. You get a set of characters that looks similar to a bitcoin address and a QR code to make sharing it easier.

Of course this lacks the convenience of Signal but it’s as hard to block as Tor.

[1] https://signal.tube/#signal.xanny.family

[2] https://getsession.org

Session has:

1. An associated crypto-currency (not outright bad but weird smell IMO) [1]

2. Abandoned perfect forward secrecy and deniability [2]

3. Never completed an audit (though supposedly one is in progress) [3]

There are a million and one encrypted chat programs out there. Why should I use this one?

[1]: https://github.com/oxen-io/oxen-mobile-wallet

[2]: https://getsession.org/session-protocol-technical-informatio...

[3]: https://getsession.org/faq/

I mentioned it because it has a seamlessly built in onion routing protocol. I read further down the thread that Tor is blocked in Iran, but I’m guessing the same is unlikely to be true of Loki/Oxen simply because it isn’t nearly as well known.

The lack of metadata is also quite a unique selling point in my eyes. There’s a million encrypted messengers now sure. How many automatically connect through an onion router with zero config required and don’t require you to create an account at all, but instead assign you a random ID disconnected entirely from your phone number, email, and other personal identifiers?

It’s certainly an option to consider is the only thing I’m saying. Tor was mentioned so Session popped into my head for the reasons mentioned above.

Regarding PFS. They currently implement the Signal Protocol. Session is of course FOSS so anyone can check this. Your source does say they’re planning to fork it as the Session Protocol later this year so it integrates with their network more easily. But that’s an upcoming, unfinished project. To be honest I don’t know much about it as it’s still in development. I do know that currently Session uses the Signal Protocol through an onion router without the need to so much as create an account.

And yes the network itself is a bit of a convoluted idea that tries to do many things at once, but the fact they run on a blockchain means they already have a lot of nodes set up in different countries around the world through which to route traffic, and the reason they could build a decentralised network quite quickly despite being a relatively young project is they incentivise those node operators with cryptocurrency.

Because it is a young project they are still undergoing audit yes. This is absolutely something worth noting. It’s a relatively new project. It’s no longer in beta, but nowhere near as well established as Signal. However it’s precisely because of this it’s unlikely governments are bothering to target it yet.

Jami and Tox are completely decentralized messaging systems. They are not directly associated with "blockchain" buzzword as well so they have that going for them, too.



Jami uses git and TLS to implement E2E encrypted chats.[1] That doesn't sound all that secure to me. I'd feel much more comfortable using a fork of Signal with an onion router.

I don't get the prejudice some have against blockchains either. It's not even like this is Keybase where they shoehorned a crypto wallet into the app. They do have a wallet but it's a totally separate application. Session is purely a messenger and nothing else, you'd have no idea a blockchain was involved at any part of the backend if you weren't told about it.

I have played around with Tox and it's a cool project, but it's been in beta since 2014 and is not well optimised for mobile at all. I don't think it'll go very far personally.

[1] https://jami.net/swarm-introducing-a-new-generation-of-group...

Session protocol is currently running on session now[1]. It’s actually the reason that they were able to allow up to 100 people in closed groups now.

[1]: https://getsession.org/session-release-roundup-10/

Looking at the technical writeup [1] it sounds like they're currently running a hybrid of the two as they do a staged rollout of the various changes they've made to the Signal Protocol.

But yes you are correct it looks like they're justifying ditching PFS by saying "if someone has your keys you're screwed anyway."

However they're not just stripping away security outright, it's more that they're betting on onion routing to cover the user instead - no one who is sniffing traffic on your WiFi network will be able to get your keys because the traffic is routed through the onion network, therefore the only way anyone would get those keys is by pwning your entire device or having physical access to it while it's decrypted which, as they note, is endgame no matter what messenger you use.

I don't necessarily think this is smart as it's best to not put all your eggs in one basket especially where security is concerned. But given all traffic goes between 5-7 nodes [1] the scope for someone without remote or physical access to your device to get your keys is extremely limited assuming their onion network is as secure as they claim.

As for deniability, they sign the message with the long-term keypair, but once the message is validated this signature is wiped. So again it pretty much comes down to relying on their onion routing to ensure this signature isn't intercepted in transit.

Finally I think it's relevant Session is really designed for a different use case than Signal - since your ID is not connected to any personal identifiers, you can wipe it whenever you want and get a new ID that has zero cryptographic connection to the old one. So while there's no ratcheting of keys, the intention isn't really for someone to stick with the same account for years like it is for Signal where your account uses your phone number as an identifier.

I'll wait for the results of the audit, if they come out and say Session is fundamentally flawed I'll happily concede. I have zero ties to this project aside from finding it useful for particular use cases. My prediction is the initial audit will find some potential vulns as they roll out more of the Session Protocol simply because it's a new fork. Probably why they're getting the audit done now. That's the responsible move when forking a crypto protocol it seems to me.

I maintain that for people who want a messenger that knows as little about them as possible, doesn't rely on a personal identifier, and connects to an onion router reliably (by comparison, using Tor on mobile is... not a good experience) it's at very least an interesting project to watch even if it still needs time to mature.

[1] https://getsession.org/session-protocol-technical-informatio...

Personally I love Session. I agree with their logic.

As we have seen, if they have your device, it’s over even if you use ratcheting etc.


My only annoyance with the crypto currency is that it doesn’t have a good UX yet. They have stated before though that Session will always remain free for everyone. I think compensating node operators in some capacity makes sense but if it’s not implemented well, node operators feel a bit screwed over.

Regarding your footnote #2 about PFS, it said this (among other things).

> In some theoretical scenarios, these properties do protect users; however the utility of these protections in real-world scenarios is often more limited in scope than might be expected. We must also consider that these safeguards are offered at the expense of additional complexity, decreased account portability, and multi-device limitations. These protocols were simply not designed to be run over a decentralised network.

I have to say, I’ve considered the utility of it myself. It seems to me that I’m far, far more likely to have my chats compromised through my chats being stored in plain text on my devices than in a technical scenario that PFS could have prevented. What do you think?

> My only annoyance with the crypto currency is that it doesn’t have a good UX yet. They have stated before though that Session will always remain free for everyone. I think compensating node operators in some capacity makes sense but if it’s not implemented well, node operators feel a bit screwed over.

Preface: i've been in it since 2011, but I entirely agree. It's still too complicated for most users, but we as community have gone a long way from where we were 10 years ago, so we certainly have blinders as to where to improve upon.

Could you specify what it is specifically that makes the overall UX so disappointing? I ask because I think we are now entering a phase of on-boarding a lot of non-tech people onto BTC network as payment settlement networks and other misc financial services, something I already have personal experience with, but having a tech person lime these out would be a tremendous help.


I haven't played with their crypto wallet honestly so I can't provide any kind of informed opinion on it. It's a fork of Monero, but Monero is more widely accepted. Although Monero's wallet has a terrible UX too so if they've forked their wallet too, that'll be why.

Session has a pretty nice UX though, better than Wickr which has been around longer, although not as refined as Wire. It's pretty much a more barebones Signal without phone numbers as far as pure UX goes. It should follow the system setting for dark mode though. No idea why it doesn't.

> I have to say, I’ve considered the utility of it myself. It seems to me that I’m far, far more likely to have my chats compromised through my chats being stored in plain text on my devices than in a technical scenario that PFS could have prevented. What do you think?

To be honest I agree. It's always good to have layers of security in case there's an exploited vulnerability in one. However, it seems pretty far fetched that someone with the ability to pull off a successful attack to grab your keys in the first place is going to be stopped from grabbing past messages by PFS.

If they've got your keys they've either cracked the layers of encryption that protect them in transit (highly unlikely) or they've pwned your device (much more likely). If they've got remote code execution on your device PFS isn't going to make any difference to anything. As you say, messages stored in plaintext is a far bigger real world risk.

This is why I always have disappearing messages on. That makes me feel safer than PFS. At least then in the worst case scenario past messages simply aren't there in storage.

To put it another way, if I had to choose between disappearing messages and PFS, and I could only have one, I'd choose disappearing messages.

And it does also seem to me less like they're removing security, more like they're relying on a different form of it. They're having to strip PFS to make the protocol work reliably on their onion network. The fact all my traffic goes E2EE through 5-7 nodes, as per the technical description, should provide a strong level of protection against any traffic sniffing threat model assuming their fancy new way of doing onion routing is as secure as they say.

It seems to me that's what it really hinges on. As long as their onion router is actually secure, the E2EE messages are going to be secure in transit.

The biggest risk then would come back to unpatched exploits or 0days in the OS or side channel attacks in Session itself. That's how most attacks on messengers succeed after all, not by complex attacks on the crypto protocol but through side channel attacks in the application or exploits in the underlying OS.

Interesting tidbits I'm reading about different chat apps targeted for privacy and security. On a related question, how do you rank the various prominent apps like Signal, Telegram and Whatsapp on their cryptographic security measures?

>Abandoned perfect forward secrecy and deniability...

I suspect that is the future for encrypted messaging. Pretty much everyone ends up keeping their old messages around thus negating the value of forward secrecy[1]. Deniability ends up being just some forgability scheme in most cases[2].

So the benefit of those features turned out to not be worth the extra risk of the added complexity.

[1]: https://articles.59.ca/doku.php?id=pgpfan:forward_secrecy

[2]: https://articles.59.ca/doku.php?id=pgpfan:repudiability

I don't understand the point of reinventing many wheels. Why not build a friendly chat app on top of established onion routing protocols (Tor/I2P), or add your own onion routing backend (proxy) to established federated chat apps like Conversations, which already has perfect Tor integration for Jabber/XMPP over .onion servers?

Also, Session is promoted as a non-profit project, but following links around about LokiNet and Oxen you find out about a blockchain-based cryptocurrency, which is known to be an anti-pattern on many levels (though they use Proof-of-Service not Proof-of-Work which is slightly less worse).

Finally, Session appears to be free-software (good), but is not distributed on F-Droid, the only privacy/security-friendly app store for Android. They encourage you to download random APKs from Google Play (which requires Google Play Services malware and a google account) or Github (owned by Microsoft, though i note they sign checksums with PGP on Github so it's safer to download from there than Google Play, even though they don't provide instructions on how to verify signatures). On F-Droid, they could either have F-Droid build/distribute the package with Fdroid's PGP key, or open their own F-Droid repo with their own PGP key (like Newpipe did), or both.

I really appreciate their communication around dissent and the need to protect communications to help the people against their governments. However these three points i just noted are really shady to say the least. I understand they need to please investors to put money in their fridges, however trying to mix for-profit incentives with non-profit services to the communities is always a dead-end.

Here's my Signal proxy, I hope it helps someone:


> can they break whatsapp encryption

They don’t have to, they just need Facebook to cooperate.

I think you mean the phone vendors, as they are the ones holding the unencrypted chat history in the users cloud storage. Facebook themselves do not have access to the chat logs (unless they are compelled to inject keys).

They could literally have a hidden function in WhatsApp that scoops up all your chat history and sends it to Facebook if the government ask them to. It’s closed source. No one has a clue what it’s doing.

To be clear I’m not suggesting this is absolutely happening. I’m merely pointing out it’s entirely possible from a technological perspective given it’s closed source software owned by Facebook. That’s not a recipe for privacy.

To be clear about the threat vector, there's also nothing stopping signal from doing the same if they wanted to. Its impossible to tell if the version of signal you download from the app store is unmodified from the code you can find on github. I trust signal more than I trust facebook, but if you use signal, even though its opensource you still have to trust them not to put anything funky in the binary they upload to apple/google.

I'd love for iOS and android to add some sort of OS-level application hash or something. "This app was compiled with xcode version X / llvm version Y with this set of options. The resulting binary hashes to ZZZ". That way with the source code you could verify that the binary on your phone is unchanged.

(Another approach would be to get apple / google to do the compilation themselves from the project on github. If apple builds my project, they could put some signed metadata in the bundle saying "We (apple) compiled this from git SHA XXX")

Hi there, Signal Android dev here. We have reproducible build steps, so you actually can verify the code is the same :)


Reproducible builds do not help to determine if the version you download via the Play Store (or, for those on enterprise devices, any pre-installed corporate stores) is the same as you build - Play Store presents no real means to verify that. This includes any auto-updates if they are enabled.

It's an issue with Play Store as a delivery channel, the individual app in question can't do much about that.

Reproducible builds help if you: - download the APK separately (includng from the Signal website, or some of the other sources) - install the file locally via sideload - disable updates (!)

The instructions posted by the dev directly include instructions for pulling the APK from your phone which was installed through the Play Store.


This is very true. Reproducible builds for mobile apps would be far superior. You can build Signal from source for Android if you wish, although obviously this is a massive pain to do for each update, there’s absolutely nothing stopping you from doing it.

On iOS it's a lot more difficult to get the required certificates from Apple but you can run your own build in Xcode and deploy it to your personal device if you are a registered Apple developer.

While reproducible builds are obviously the gold standard, for apps you install from the Play Store or the App Store, developers sign the apps that get distributed with their own private keys. As Google and Apple don’t have access to these it should be verifiable that the apps are not tampered with.

There is an exception here with the Play Store, where there is an opt-in option for Google to sign the app on your behalf [1], but I think we can safely assume Signal are manually signing with their own private keys.

In any case it's easy to just grab an APK from an Android device and check signatures for yourself.

For iOS though, no surprises here it’s locked down. Although from what I gather reading Apple’s security documentation, it confirms that apps must be signed by developers with their private keys. [2] But unlike Android there’s sadly no way I can tell for the user to independently verify this without jailbreaking.

But ultimately, short of building each version yourself, all this is moot if you distrust the developers.

[1] https://developer.android.com/studio/publish/app-signing [2] https://manuals.info.apple.com/MANUALS/1000/MA1902/en_US/app...

Are there any instructions to build the app yourself for signal?

Yes, they have some docs on GitHub for how to do it: https://github.com/signalapp/Signal-Android/wiki/How-to-buil...

You can build the iOS version too for development: https://github.com/signalapp/Signal-iOS/blob/master/BUILDING...

I haven't done it before but you should even be able to deploy that build to your phone in theory: https://codewithchris.com/deploy-your-app-on-an-iphone/

It's unclear to me if there are any restrictions on iOS that would prevent you from doing that.

I spent a few hours trying to get a local build of signal-ios working a few weeks ago, in order to write a PR fix a bug with lost voice messages. The xcode project uses a plethora of device entitlements I'm not allowed to have (since I don't have the proper signal signing key). Even after a couple hours of tweaking to get it building and deployed to my device, its currently crashing on startup because it can't access some special signal local device store.

You can certainly get your own build working (without notifications and other features). But personally I found it prohibitively difficult to do so.

I think you will have a problem when it comes to push notifications. I doubt a local build would be able to receive push notifications addressed to App Store builds.

I just realized one issue with this is that their latest production branch is private so you would receive delayed updates.

Reverse engeneering is a thing, though. I would think, there is fame to be gained to show such a behavior from whatsapp, so some hackers could feel motivated to do this from time to time.

Absolutely. Of course hackers are reverse engineering WhatsApp, that's how all those nasty exploits it has keep getting sold to governments by the NSO Group.

But reverse engineering is a skill in itself and modern day smartphone OS's use a lot of code obfuscation when apps are compiled. This effectively means even those talented hackers are going through the reverse engineering process pulling at threads until they get lucky.

Reverse engineering (in this context, at least) doesn't just show you the code as the developer wrote it. And FB hires a lot of very clever people including cybersecurity experts who could sneak these things in using innocent looking code scrambled around the app. Even open source projects are at risk of having backdoors put in that pass review and simply look like innocent bugs if they get discovered, let alone closed source apps that have to be reverse engineered.

Again not going conspiracy nut and saying that's what FB is doing. Just saying it'd be very easy for FB to hide it if they were doing it.

To me the biggest confirmed weakness of WhatsApp is the cloud backups. E2EE is pointless when the message database is synced up to iCloud or Google Drive. WhatsApp even tells you this itself. When you enable cloud backups (and they keep bugging you until you do it) it literally tells you the backups aren't secured by E2EE. [1] Because, well, of course they aren't.

[1] https://faq.whatsapp.com/iphone/chats/how-to-back-up-to-iclo...

"Media and messages you back up aren't protected by WhatsApp end-to-end encryption while in iCloud."

The same is true of Signal in most practical ways. You can only run it on platforms that are fundamentally closed-source (either iOS or Google Play Services), so there's no reason to believe the RNGs it uses (and therefore all your session keys) are not backdoored. And you can only install it through official app stores where it's difficult or impossible to inspect what binary you have or "pin" a given version. So I don't see that it's meaningfully more secure than WhatsApp.

The mere fact it hoovers up less metadata alone makes it more private. I also trust the developers more way way more than I trust Facebook. That's a personal preference though and if you trust WhatsApp and don't mind that it leaks contacts and other metadata to Facebook to profile you then use WhatsApp.

If I wanted to I could install a fork of Signal that doesn't require Google Play [1] and run it on any non-Google Android build. I would do if it wasn't for the fact I'm currently using an iPhone.

[1] https://langis.cloudfrancois.fr/

I run Signal on GrapheneOS and find this comment incorrect and borderline offensive.

I see that Signal no longer depends on Google Play Services specifically. However it's still the case that it depends on proprietary Google code (it just includes that code in its own APK now) and still can't practically be installed without auto-update (again, it just includes that in its APK).

The "proprietary Google code" is a library with a well defined API, you can see what it has access to. I agree that Signal should take it out, but it's not an especially big deal from a security perspective.

The auto update functionality just tells you that an update is available, you can choose not to install it. You can also independently verify that the sha256 sum matches the one given on the website, and that the binary that sha256 sum corresponds to is produced via the reproducible build instructions. There are occasional bugs (I'd estimate a couple times a year, though it's less and less frequent) that causes the reproducible build to not match the provided build, and it's quickly noticed by someone and an issue opened in the issue tracker. If there were no explanation or no quick resolution, people would publicly raise a stink about it.

> you can choose not to install it

There is a time bomb in there and servers will kick you out regularly unless you have updated.

If you get a patched client running you could probably change whatever string is required but some sort of action is required on the client side.

Sure, but that's an unrelated phenomenon to the security implications being discussed. The argument against auto-updates is "it's running code without my permission or ability to audit first"; putting a recency requirement for client-server communication doesn't impact that concern, and I don't see any reason why it would be considered a bad thing.

> The argument against auto-updates is "it's running code without my permission or ability to audit first"; putting a recency requirement for client-server communication doesn't impact that concern

It makes it impractical to actually audit the code you're running, because you're forced to re-audit on Signal's schedule. And it makes those audits mostly meaningless: what are you going to do if you decide a given code change is suspicious? You can't keep using the version of the code you were happy with, so you'd better have a plan in place for moving off Signal quickly - but in that case how much can you gain from using it at all?

> It’s closed source. No one has a clue what it’s doing

This is just bullshit. If you have access to the binaries you can find out what the software does.

Well, WhatsApp client does have access to the unencrypted chats.

Not saying this happens, one possibility can always be to send encrypted traffic to WhatsApp servers while opening a second unencrypted channel to govt servers if a govt asks for it.

Terms and conditions were updated a few weeks ago. The fact that the key will only remain on your phone has been removed from them.

I'm surprised that Tor isn't integrated already. Moxie was pushing that at Twitter - a prototype was even built.

These blocks tend to be reactive, so if a blocked app starts using Tor, Iran will block Tor fairly quickly. So in return for a short-lived regain of the use of Signal, all of Tor gets blocked.

This proxy arrangement is better because folks who start them tell their friends in Iran, who tell their friends, but it isn't listed publicly, like most Tor entry nodes are. When the authorities find a proxy and block it, they only disconnect a subset of Signal users, who hopefully have other proxies they've learned from other friends or friends-of-friends. So now the blocking is trying to put out a thousand small fires that they have to find one-by-one.

<I have consulted for the Signal Foundation in the past, but not recently and haven't talked with anyone there about this>

Tor bridges work in the same way as this proxy; except Tor operates a centralized way of getting access to them.

Blocking tor exit nodes is considerably easier than an arbitrary proxy server. Tor provides a list, in fact.

No, it's the opposite—if Signal wants exit nodes, they obviously won't block them. It's the entry nodes that need to be blocked. Some are easy to find, but others require you to send an email from a unique email address from a trusted provider to get lists of IPs.

Using onion services doesn't use exit nodes, that's only for exiting to the public internet.

I have a proxy up at https://signal.tube/#s.bpj.net

If you can help share more proxies to people who need them, please send me an email (in my HN profile).

I'm surprised Tor isn't blocked, since it's pretty easy to block it, but if it's not, you can always tunnel your entire phone through Tor, which would include Signal. Do keep in mind, that depending on your threat model, you might want to separate your apps across multiple devices or at least accounts (I mean like Android user accounts), so only some go through Tor (see the Silk Road case for why), but that also equally applies to VPNs.

I don't remember what it's called, but I think the app is official by the Tor devs and basically makes a local VPN that your phone connects to and then forwards all traffic through Tor. It was on F-Droid last time I checked.

> so only some go through Tor (see the Silk Road case for why), but that also equally applies to VPNs.

Can you explain this?

I looked into the Silk Road story again and it looks like I was misremembering how they caught DPR, but splitting your "personally identifiable" and other browsing is still a good idea.

Let's say you use the Tor browser to browse some regular (non-Tor) site that is illegal in your country for whatever reason. But let's say you then remember you still haven't paid your taxes so you open a new tab and quickly go do that. But you're still in the Tor browser, so your e-banking traffic is going out the same exit node as your "illegal" traffic. Now, anyone that saw both of those things come out of the same node can conclude that it's somewhat likely both were done by the same person. If that someone is the government, they can get access logs from your bank and see which account was accessed by the exit node's IP. The more times you do this, the stronger the link between you personally and the illegal site is.

Of course, doing your taxes through the same Tor session is something most people would know to not do, but if your entire device is tunneled through Tor, you no longer have a say in what data it leaks. Your banking app probably sends requests periodically in the background to check for updates or whatever, your email client syncs your emails, etc. If any one of those services can be coerced by your government (and chances are they can) then whatever illegal things you do in that session can be loosely linked to you. I say loosely, because there are many people on one exit node, but the data points start adding up after a while (and depending on the insanity of your leaders, just being on the list of candidates might be enough to disappear you).

As for how they would get that metadata in the first place, there are a few ways. The exit node might be under their jurisdiction, but since we're talking about bypassing censorship, it certainly isn't. They could also have compromised the "illegal" server (hacked/coerced/honeypot...), in which case it's just a matter of cross-referencing the site's logs with anything they can get their hands on (and if the government is authoritarian enough, they probably already have access to a lot). The last option is compromising the exit node, which is also not impossible. There's nothing stopping your government from setting up a thousand Tor exit nodes and logging all the metadata. If you're constantly running Tor, chances are you land on one of their exit nodes eventually.

DISCLAIMER: the above was probably a bit too paranoid, but as I have zero experience hiding from an authoritarian government, I'm not in a position to judge how much paranoia is justified. It's entirely possible that none of this applies because your specific adversary doesn't employ these specific de-anonymization tactics, but that is something you need to know for your specific situation. I assumed an "everything is fucked" threat model here, but yours might not be as severe and other types of mitigations might be more appropriate.

> Let's say you use the Tor browser to browse some regular (non-Tor) site that is illegal in your country for whatever reason. But let's say you then remember you still haven't paid your taxes so you open a new tab and quickly go do that. But you're still in the Tor browser, so your e-banking traffic is going out the same exit node as your "illegal" traffic.

That isn't how Tor works. Tor creates a new circuit for each new host you connect to, and they also create new circuits for the same host fairly regularly (every 15 minutes I think) -- both of which are done specifically to avoid this precise attack.

I also don't have experience dealing with an authoritarian regime, and there are many more aspects to OPSEC than just using Tor (after all, Tor doesn't look like normal internet traffic unless you use obfuscators -- so an authoritarian regime can just target all Tor users, which is why having Tor be used by more people is important for improving anonymity). But Tor has already dealt with obvious attacks like the one you outlined.

Honest question: Is using Tor not a risk by itself in Iran? I wonder if this doesn't pop up under surveillance mechanisms as conspirative behavior and may trigger focussed surveillance, which is hard to get out of.

But maybe so many people in Iran use Tor that it's not very outstanding to use it? I remember there were stats on that published on the Tor Project Website...

Edit: To answer myself after 5 minutes of thinking: Of course there are bridges, too. I guess they don't appear as suspicous as regular entry nodes?

>I have a suggestion for signal team: please put tor in the signal, tor is better than any proxys or vpns.

You can get a tor proxy for Android at


Love back!

Thx Sherwin! Just out of curiosity: is iMessage working ok in Iran?

Not the OP but, I can confirm that iMessage works perfectly in Iran; However, because of both economical situation (inflation and the higher price of iPhone comparing to average Android phones) and the fact that local companies cannot release their apps on the AppStore, only a small portion of people use iPhone or in this case iMessage.

I’m not Iranian, but I spent a lot of time over this for a friend. iMessage works ok once you are able to activate it. But Apple insists on contacting “init-p01md.apple.com” with plaintext HTTP, this sometimes connects successfully, but often it doesn't.

I'm a big fan of the idea of independently-run proxy servers.

Caddy has a secure forward proxy plugin born out of a research project at Google that does something similar, but works with any clients that let you configure HTTP proxies, and doesn't terminate TLS: instead it tunnels it over TLS. The proxy server itself can also be probe-resistant, i.e. difficult to detect that a website is acting as a proxy.

I'm hoping more people can help test the patch to support Caddy v2: https://github.com/caddyserver/forwardproxy/pull/74

(Edit: Disclaimer - Don't use this in situations where your personal safety or freedom could be at risk... not yet. Not until more people with more experience can vet its implementation for bugs, and a very clear threat profile can drawn up. If you have experience with this, we'd love your help.)

how does something like this work against DPI? i guess not great?

>Don't use this in situations where your personal safety or freedom could be at risk

https://theintercept.com/2020/12/06/kashmir-social-media-pol... https://thewire.in/media/kashmir-journalist-auqib-javeed-pol...

reason why i have a general disregard for technologies that are based on some sort of "link" AFK, phone number or the stupid facebook real name policy. this is as of today being used to crack down on dissent. what you are saying is true but https://thenextweb.com/in/2020/01/08/kashmirs-police-want-pe... when you have your govt do this, how can you keep your signal account private? your phone is already listed. isnt it? cant the police see if you are on signal and if online means you are bypassing them somehow regardless of what you might be saying?

> how does something like this work against DPI? i guess not great?

No, it's pretty good. Think about it: all DPIs can see is an ordinary https connection. Since the traffic itself is encrypted, to discriminate this from normal web browsing the DPI device can only depend on metadata. Classic moves are:

1. Packet length pattern for TLS-in-TLS. 2. TLS fingerprinting.

The first could be defeated by adding padding to the first few packets of each of your connections. [1]

The second.. someone built a socks5 <-> https CONNECT proxy client [2] out of Chrome's codebase, which means it shares all the fingerprint with Chrome and you really can't tell.

[1] https://github.com/klzgrad/forwardproxy/commit/2350f380f8db2... [2] https://github.com/klzgrad/naiveproxy

Does this use TCP over TCP (painful in the face of packet loss[1]) or can you do something like using QUIC for the forward proxy to try to avoid breaking the tunneled TLS connection's retry timers?

[1]: http://sites.inka.de/sites/bigred/devel/tcp-tcp.html

It looks like a normal HTTP proxy supporting CONNECT (i.e. TLS over TLS), which wouldn't suffer from the problem you mention.

Note that TLS over TLS is _not_ the same thing as TCP over TCP. TCP over TCP is usually only a problem for VPNs or something similar (i.e. anything that sends raw IP packets over TCP).

Ah, that's the piece I was missing. Thanks.

Http3 support is being talked about in an issue (am mobile so no link for you right now) but the first priority -- pending dev resources -- is to merge the v2 PR and vet for bugs.

It's an irony how American companies try circumvents another country's law (regardless of whether you call it censorship or not, it is still a law) and boast about it.

Yet, in the US these companies help the mainstream narrative to enforce censorship by banning (Google and Apple App market) or simply not offering other point of views basic hosting services (AWS).

I am an Iranian and don't agree with all of our government actions but I can clearly see a tech neo-colonialism/neo-imperialism here. I am sure Signal's intention and people wanting to help is genuinely good but this does not change this double-standard.

I would like to see your supportive reaction if an Iranian company offers hosting to Parler. I imagine you would call it foreign intervention!

"I would like to see your supportive reaction if an Iranian company offers hosting to Parler. "

This is a hacker forum and not a US foreign ministry praise board, even though it is mainly US based. In other words, I doubt the reaction here would be rage, if a iranian company would do that. Hackers usually are not in favor of censorship or information restriction.

So who do you mean, with "you"?

> Hackers usually are not in favor of censorship or information restriction. So who do you mean, with "you"?

There are many comments on previous HN threads defending censorship and information restriction, precisely as the GP has described it.





There are certainly peoole here defending censorship, but the parent poster spoke like "we" would follow US geopolicy in general. And in general I don't see the majority here in favor of kicking out parler etc.

Rather the contrary. Anyway, by my tautological definition of hacker, no hacker would be in favor of banning a communication app, anyway, so ...

What you call “defending censorship” is perhaps better described as “defending free speech”. Forced speech is not free speech.

Censorship is the suppression of speech, public communication, or other information, on the basis that such material is considered objectionable, harmful, sensitive, or "inconvenient." Censorship can be conducted by governments, private institutions, and other controlling bodies.

Amazon, Apple, Google, Twitter, Facebook, etc. are multibillion-dollar corporations that control a colossal share of online communications.

Let's not play pretend here.

Stong disagree. When a handful of tech companies that form an Oligarchy on modern communication decide to systemically oppress members of one political party, that's the antithesis of free speech.

Lets not pretend that this has anything to do with their political party.

Would you also say that tech companies banning ISIS is systematically oppressing members of one religion?

> that's the antithesis of free speech

It’s not. Companies enjoy freedom of speech too, but you’d force them to publish content they don’t want to publish. That’s the antithesis of free speech.

Fair enough, you have a good point. By, "you" I mean a tech person who is supportive of Signal action and is willing to setup a proxy without realizing that this is circumventing another country's law.

I agree I could have said it more clearly and less emotionally.

I think you expressed it really well. Double standards and hypocrisy seem to be one trait that Americans inherited from their British founders.

> Yet, in the US these companies help the mainstream narrative to enforce censorship by banning

Why THESE companies? Where did Signal do this? Or are all US companies the same entity to you?

I describe my sentiment more precisely. By "these companies" I refer to entities or even individuals who take a very simplistic view toward this issue (Blocking of Signal by Iranian government).

In this simplistic viewpoint, issues in 3rd world countries (even this naming is condescending) are assumed to be evident. In this case an evil government versus oppressed people who can not even communicate with each other freely. So 'we' good people must help these poor people against their oppressive government.

This is in contrast to a much more nuanced view of the issues in the west. End-to-end encryption is a debated issue in the US and EU and legislators have proposed laws to ban it or enforcing other mechanisms to circumvent by law enforcement such as backdoors.

I mentioned the US as an example, because of Signal is operating under US jurisdiction. Moreover, the recent events in the US demonstrated that how a supposedly stable democracy is vulnerable to chaos. In this situation the tech companies decided to limit the communication of people or access to their platform for the greater good (according to them). I am not stating whether this is good or bad. I just want to point out that the issue is complex, nuanced and needs debate in the society. Keep in mind that the US is a superpower surrounded by two oceans and two friendly countries and has no serious external threat.

This is in contrast to Iran which is in a chaotic region and surrounded by the US military bases. It has suffered wars and coup in its recent history. It is currently under harsh economic sanctions with a possible goal of people revolting. The Iranian government has reasons to be paranoid and fearful that Signal can be used to organize violent demonstration. They cannot even demand information regarding criminal cases such as drug trafficking from these tech companies.

In the US the decision of giving access to tools and platforms is out-sourced to companies but in most part of the world governments make these kind of policies (again not necessarily good or bad).

I don't have a solution to these problems and I am not trying to say that we have an equivalence here. What I am expecting is a more nuanced and sophisticated perspective toward the issue.

> This is in contrast to a much more nuanced view of the issues in the west. End-to-end encryption is a debated issue in the US and EU and legislators have proposed laws to ban it or enforcing other mechanisms to circumvent by law enforcement such as backdoors.

It looks to me like you try to cloud your false argument in whataboutisms based upon a profound lack of knowledge:

> I mentioned the US as an example, because of Signal is operating under US jurisdiction.

The reason Signal is a good way to go is because this doesn't matter. Signal doesn't save any conversations they can hand over to the US (or other) government.

> This is in contrast to Iran which is in a chaotic region and surrounded by the US military bases.

Yeah, yeah I get it. We all do. US = bad but how does it change anything for the oppressed people in Iran we can help here? If those would have been people in the US, we'd be doing the same thing for them here in the EU.

> What I am expecting is a more nuanced and sophisticated perspective toward the issue.

A whataboutism and derailment of the issue is neither nuanced nor sophisticated. It's quite shady and ignorant.

Here is something you can do to help people out but instead of doing that, you try to build some weird case which actually helps the Iranian government.

Well. A Russian company, DDos-Guard, did host Parler in the end didn't they?

And sure enough, the FBI is investigating.

Signal is a charity rather than a company, but dunno if that makes any actual difference.

> I would like to see your supportive reaction if an Iranian company offers hosting to Parler. I imagine you would call it foreign intervention!

It's fine with me if an Iranian company offers to host Parler.

Having said that, I'm also in favor of prosecuting US companies that violate any sanctions we have against Iran.

Why are you in favor of sanctions on Iran? I've never really heard a good argument. It mostly tends to be "Well they say things I don't like that scare me, like Death to America" so very anti free speech type arguments.

I vouched for this post but you appear to be shadow-banned.

> Why are you in favor of sanctions on Iran?

My position isn't that Iranian sanctions are a good idea - I don't yet have an informed opinion about them.

We have laws against US companies trading with Iran and I believe in the rule of law as a general principle.

Am honestly not trolling here although it will sound like it:

Can someone please explain to me why it's a OK to reconnect Iranians to Signal, but not Trump supporters to Twitter (the ones censored and banned by Twitter)?

Hi, glad to help. The answer is that it depends on what your values are.

If you want to reconnect people to twitter (a publishing platform) who have been banned for racist hate speech or inciting violence, and the laws in your jurisdiction permit you to do that. Then you can do that without going to jail.

If you want to reconnect people to signal (a personal communications tool) who have been disconnected from it due to reasons best understood by the Iranian government, an the laws in your jurisdiction permit you to do that. Then you can do that without going to jail.

It's really just a value judgement whether you consider giving a publishing platform to racists against the will of said publishing platform is a worthwhile activity.

And, again, it's just a value judgement whether you consider giving the right to privately communicate back to Iranians who have been, effectively, deprived of it by connecting them to a service which will willingly have them is a worthwhile activity.

Your values may differ from mine. And both my and your values could differ from the majority of HN users. My experience is that perfect alignments of values rarely, if ever, occur between any two individuals.

It goes way way beyond inciting violence. For example, Facebook recently shut down the page of Socialist Workers Party in Britain. Facebook suspended well known libertarian Ron Paul. Timer blocked links to the New York Post Joe and Hunter Biden exposé and locked accounts that shared it.

Thanks for pointing that out. Yes, sadly, it would appear that those are the values of Facebook and Twitter. Insofar as an institution like a corporation can be said to possess "values" anyway...

But let's just assume we both dislike the editorial policies of Twitter. A pretty safe assumption, I think :)

Will spamming Twitter via a network of TLS proxies do anything to change their editorial policy to something more preferable to you or I?

Will setting up a network of TLS proxies to Signal give Iranians access to Signal?

Perhaps the answer to those two questions will give some indication as to what the practical (and moral) differences are.

For my two pence. I think anyone should be allowed to use a phone for any purpose, and I accept that a tap-proof phone can be used to commit crimes. I don't think Osama Bin Laden should be able to take out a page in the new york times to give his hot take on his "hugely successful" WTC attacks. Don't get me wrong, I'm not saying that these examples map directly to the point in hand, but I am just pointing out that they are different media and the balance between freedom of speech and public decency are struck differently and that tactics for finding political solutions to censorship in each case might look different, too.

Because Signal didn't block Iran? This is false equivalence.

They're completely unrelated examples. I'll try to explain why.

Iran's (authoritarian, human-rights-abusing) government wants to prevent citizens from communicating with each other using tools that are resistant to interception by their secret police. HN supports the basic human right to privacy, and thus wants to help Iranians circumvent unjust laws or government actions.

White supremacists (who happen to support Trump, because duh) are being banned by Twitter -- a company, notably distinct from a government, and thus incapable of "censoring" anything. This prevents them from using Twitter's platform to publish hate speech and (arguably illegal, definitely unjust) calls to violence. HN supports the right of a company to decide who can publish content on their platform and agrees that it's cool to tell racists that they aren't welcome there.

So their government is blocking Facebook, Twitter, Youtube, Telegram, Signal, BBC, CNN, Netflix, and probably many other social and media platforms.

Meanwhile we are blocking Iranians to access Docker, Slack, Gitlab, Google Code, Github(Github until recently), Paypal, Apple Store, Play Store, AWS, Coursera, Adobe, Nvidia, AVG, Avast, Symantec, McAfee, Matlab!!, Oracle and many more.

It should be really fun to use Internet in Iran.

It is not fun. Trust me. I am an Iranian and I used to sell VPN back in Iran when I was in high school. I had hundreds of users and I was threatened with prosecution and I left the country. Literally everything is blocked except government or university websites. On the positive side, you can Torrent as much as you want or download any music or hack websites and it is completely fine :)

I never see Iranian IPs on torrents. Is that because they are all on VPNs?

I am not sure. I never had any problem downloading Torrent back then without VPN. I have been living in the U.S. for 12+ years. Things may have changed.

Spot on! This is the 21st century's version of being born into a poor African American family.

Jokes aside it's truely painful. I was lucky to have a job that got me out easily. Though it felt embarrassing when I was seeing everyone uses Docker and AWS extensively at my new job while I had never used them properly not because I wasn't smart enough but just because of where I born :(

Netflix even blocks VPS IPs, to enforce their regional locks or something.

I just set up a Signal proxy - I don't have any social media, any suggestions as to the best place to post the signal.tube link so that it can get to those who need it the most? Thanks!

There was an article in 2014: "Imagining a Rebel Firefox" ( https://medium.com/@efrensandoval/imagining-a-rebel-firefox-... ) which played with the idea if every firefox node would become tor(ish) gateway.

Is there no way to build this in the Signal clients themselves? Eg. on is on a wifi, try to upnp, ask the user if they'd wish to help.

Similar to the Tor Project's Snowflake[1] Firefox addon?

[1] https://addons.mozilla.org/en-US/firefox/addon/torproject-sn...

Thanks for mentioning this! I’m surprised I hadn’t seen this before.

No because mobile devices suck for P2P. Even on wifi and plugged in you likely couldn't force your app to stay open and the phone on. Easier to tell a bunch of people to run a docker container on a raspberry pi.

Why can't they just ship signal with a Tor client? This is precisely what Tor was built for.

They can donate some money to charities running Tor nodes while they're at it, or run some themselves.

Iran tried to censor Tor too, but it's pretty much impossible to do so fully. At least the Tor devs are usually on top of it, while Signal is inexperienced dealing with things like this.

What makes you think that it’s hard to block Tor? Even Kazakhstan blocked Tor many years ago. They’re using DPI: connection opens, client can write data, but can’t read anything which is frustrating from user PoV.

> What makes you think that it’s hard to block Tor?

The fact that it is?

There are secret bridges and Tor is able to disguise its traffic as other 'legitimate' protocols.

The bridges don't remain secret forever. All it takes is a government agency to ask the mailing list for one and then it's compromised. Once they're discovered, you can get into deep shit for trying to connect to that address.

My ex moved to China, and she told me that the only people who say Tor can't be blocked are people who have never lived in a country where the government is actively trying to block it. Just because you can connect to it doesn't mean you won't get a knock on the door in a month asking why.

Tor is is blocked in Iran.

if they block can block tor what makes you think they can't block these proxies? furthermore if you use tor you can use the existing network of bridges/relays as well as their pluggable transports protocol to avoid DPI/traffic analysis.

Iran is already blocking Tor. In general, if Signal provides some central way to use Tor together with Signal, the Iranian government can just run it on their machine, and block every IP address that it tries to connect to.

Iran can block these proxies, too, but this way there isn't any centralized listing of proxies. This proxy setup is simple enough that a single person could run a proxy for a few dozen of their friends, and the Iranian government might just never find out about it.

there are public and private bridges.

If I remember correctly from what my Iranian friends told me not long ago, there are indeed working bridges in Iran.

exactly, this article is exceptionally egregious at estimating state actor's tools agumented by HUMINT capabilities to hunt down anybody trying to subvert their iron curtain.

I fear that some naive Western expat will participate and find themselves in a hostage. Many countries in this don't have any treaties with Western nations, they dont have high regard for human rights either.

Signal is taking a leaf out of Telegram's book here in crowd-sourcing censorship circumvention which has worked so well for Telegram in Russia, especially.

One could use censorship evading VPNs like Tor, Lantern, Shadowsocks, Psiphon in addition to using these proxies. They all have different evasion mechanisms.

The thing that works for user-run proxies is, it is like a hydra, you censor one proxy another crops up.

I'm worried that Iran is less concerned about collateral damage. Russia gave up because successfully banning Telegram would also ban significant parts of the internet that Russian businesses (etc.) depend on, so that was unworkable. I expect that Iran won't care quite as much.

Regardless, I hope this does actually end up working, and allows Iranians to use Signal without a prolonged cat-and-mouse game.

Tor has a very similar proxy setup that can be used to get around blocks like this.


Yup. I just tested ~~the fdroid~~ signal (the non-google-play apk from signal's web site) with orbot (a tor VPN for android) and verified it works correctly for text messaging. As you say, using a bridge should make it difficult for iran to block. I wouldn't be surprised though if voice/video was too high latency or doesn't work at all. https://mobile.twitter.com/sporksmith/status/135738175783478...

They can block these proxies. Thats why in the #IRanASignalProxy section they say to share in more discrete ways if you can.

Which to me is bad. They should run a service like Tor does to get private bridges. I don't know anyone in Iran but I have a server I could use for this. However I know zero people in Iran.

So you use the hashtag on a public tweet etc and say DM me for a proxy.

Tor is very easy to block, and relies on very similar proxies to circumvent that.

You probably haven't followed Tor development in the past years. obfs4 and snowflake a really cool circumvention methods that are orders of magnitude harder to detect and block than these "signal" TLS proxies.

The TLS proxy signal just advertised uses plaintext TLS SNI header to determine where to route the packets, which makes it really trivial to detect and/or block. The same cannot be said about tor.

I’m familiar with obfs4 and snowflake.

Signals TLS proxy is naive compared to obfs4, but at it’s core it’s a similar solution.

Iran isn't able to detect bridges using obfs4 with DPI as of now (as far as I know).

So no, it's not 'blocked'. They're just trying. Mostly by blocking bridges they know of.

Of course it's hard to censor Tor, but is it really hard to outright block it? Last time I looked into it, you could just fetch the list of edge nodes that have to be public by design and block all of those.

Damn, I've read the code. This won't work against an active probe. Censors just use signal domains and non-signal domains to test your proxy. If signal domains get passed and non-signal domains got denied, you are fucked. Besides, TLS in TLS is highly identifiable by simple packet length dpi. I'd hope there's better plan.

And based the log on my hand, probing is really "mainstream" now days. I have a Shadowsocks proxy instance started since Oct 20 last year, and it's been attacked

    $ docker logs shadowsocks 2>&1| grep "AEAD: repeat salt detected" | wc -l
times total. The last 6 happened less than 10 minutes ago. My expectation is, TLS will be probed even more, because the handshake parameters (the order of CipherSuite for example) itself could leak a lots of info about the client&server.

It's not easy to build a protocol that is cryptographically safe all while keep the traffic characterless/innocent. Could be a "World Changing Event" if somebody discovered a way through.

TLS 1.3 supports (encrypted) padding bytes for Application Data; which could be used to normalize the packet lengths. Probably not accessibly via normal system TLS libraries though.

Although, if only Signal is making nice sized packets, that could be suspicous.

> Censors just use signal domains and non-signal domains to test your proxy.

If the censor already knows about your proxy they would have no reason to test it... The whole point is that there isn't a central list of proxies for them to easily block.

No but look, they're blocking connections country-wide. Apparently they have government boxes installed on the outside lines. If you're looking at IP headers and deciding to drop or pass based on that, it's trivial to collect the IPs you don't yet know, check if they're running a proxy (Signal, Tor, I2P, whatever), then add them to the block list if they are.

If it's trivial to figure out (by doing a nice handshake) whether something is a certain kind of proxy, then the cat-and-mouse game is reduced from finding lots of mice to updating the cat system to test whether passing animals are mice and instantly wiping out the mice population.

This is the very same problem that Tor faced when Tor bridge use started to pick up in China around the late 2000s / early 2010s. You only needed a single Chinese user to connect to your server for it to be probed by the Chinese censors. Older versions of the obfs Tor bridge protocol could be detected by active probes and thus blocked very much like these Signal proxies. This is a cat and mouse game that Signal could very easily lose should Iran start to care about probing all new active connections that leave Iran.

> there isn't

YET. I wonder if someone will find a simple way to map these with shodan.

If Iran is blocking Signal but not other apps, namely Whatsapp, does this mean Iran has access to Whatsapp data?

I fully expect the US govt to have access to fb/whatsapp data (at least the metadata), but it's a bit surprising to me that Iran would too.

I think FB’s policy is to comply with local laws regardless of ethical concerns?

which you can't read without a FB account! In any case 6 users/accounts in fist half of 2020

I think FB's policy is to _____(verb)_____ regardless of ethical concerns.

They certainly aren't complying with U.S. antitrust laws. They comply if it makes them money and don't comply if it doesn't make them money.

I doubt it. By the same reasoning they would also have access to iMessage and other apps that aren't banned. Not sure what WhatsApp or fb has to do with this.

Considering Apple put all data of Chinese users on Chinese servers to keep the CCP happy I have no doubt they’re perfectly happy and willing to comply with government requests elsewhere too.

Iran blocks every major foreign messaging app, except WhatsApp. Signal escaped it until now only because they had so few users. Also keep in mind that while WhatsApp claims to use the Signal protocol, they installed a backdoor that allows them to MITM conversations. So yes, I’d say it’s virtually guaranteed that WhatsApp is sending unencrypted message data to Iran, and of course to the US too.

HN discussion of that post: https://news.ycombinator.com/item?id=13394900

I guess I'm coming down hard on one side of a controversial question, but in my mind, if it allows the server to intercept messages without users knowing about it under the default configuration, it's a backdoor.

“There’s no backdoor.”

— Perhaps the door is cracked (or ajar) and a microphone is listening in ... still?

> [WhatsApp] installed a backdoor that allows them to MITM conversations


I created an HAProxy configuration that should be equivalent to the nginx configuration within the Signal-TLS-Proxy repository:


I could not test it with the Signal client yet, because the Beta is not yet available for me. However I verified that the nested TLS works using openssl and netcat.

Their proxy seems to just be nginx, I'm surprised they didn't just share nginx or apache configurations. Most people with a box suitable for running this are probably already running a web server, so there's no reason they should be proxying from their existing web server to this dockerized server which just proxies to Signal.

Looking into their repo, they also appear to be building an nginx image from docker.io/ubuntu:20.04 instead of using docker.io/nginx. They are also running two separate nginx processes. I wonder how they ended up with this weird intricate setup.

I would be glad to help if they offered straightforward instructions.

The Nginx configs use modules that are not compiled by default, so most preexisting Nginx binaries in mainstream distros won't work.

This is correct, just set one of these up and it uses extra Nginx plugins.

Also the way they’ve done it makes it incredibly easy for anyone who isn’t a tech expert with a web server to still help out with a $5 domain and a $5 VPS. You literally run three commands and it’s done.

They want as many people as possible running these so blocking them all is as difficult as possible. It’s the smartest approach to have a low barrier to entry for something like this.

Signal should be federated. This censorship problem would not exist, or would be organically routed around, were the service federated.

Without federation, Signal is just another stepping stone in the long path of eventually abandoned instant messengers, all the way back from ICQ. We will get to an SMTP-like protocol, and email-like service, at some point. If not Signal, some other one.

I’m not so sure. Moxies reasons about how federation leads to protocol development slowing and then freezing are solid.

It’s why we re not using smtp for chat. SMTP can’t be extended enough so replacements are built instead. Similarly if signal federated, eventually it would freeze and a few years later users would move to wherever they could get new features.

Federation is a good thing but only when the protocol is finished or if there is a forcing mechanism to allow updates to the protocol. ethereum/Bitcoin are good examples as they have flag days that force the value of currency to be in the balance to keep the protocol moving forward.

Honestly deltachat works great and its chat over smtp and imap.

Im not sure "chat" needs this much constant "innovation" at the protocol level. Most of the issues with email are client UX more so than actual protocol limitations.

Not really kept up with the latest with this, but chat over IMAP is a thing


I don't see what prevents updating as long as you don't care about fragmentation. You probably can't compile all brand new software on a very old Linux kernel, but who cares. I mean yeah, you'll have to care more about fragmentation, but it's not all or nothing. You'll still be able to update the protocol, you just have to make breaking changes less often.

I think XMPP is a better comparison than SMTP. In its heyday, XMPP had several clients, some with different proprietary extensions, and all the core functionality basically worked across all the clients. Though it turns out some of the messengers I thought were XMPP were actually different protocols that XMPP could work with. Imagine that. People still use it too, though it's not as popular as it was in the 2000s.

Signal was federated at one point: https://lwn.net/Articles/687294/

Moxie, one of the original authors of the Signal protocol, said federation severely restricted flexibility and so they had to move on: https://news.ycombinator.com/item?id=11668912

They "federated" with only one other server run by the Cyanogenmod team.

Agreeing on and keeping some spec up to date is a solved problem. Just ask any web standards committee.

> organically routed around

Do any SMTP servers still allow organic routing? I was under the impression that all modern servers have extremely cumbersome auth/dkim and its hard to not be GMail and still send a real msg and have it arrive

DKIM/SPF really aren't that bad. And you can not be Gmail and still get emails sent. Except Outlook/Hotmail/etc will randomly start blocking your emails, and only unblock your emails after you pester them enough.

Have a look at matrix - https://matrix.org/

FWIW right now to any Iranian friends on here. We have Umbrella in Persian/Fa now available. It's a massive open source guide to digital and physical security. Everything from how to use Signal to how to deal with arrest.

More info: https://www.secfirst.org.

iOS: https://apps.apple.com/us/app/umbrella-security/id1453715310

Android: https://play.google.com/store/apps/details?id=org.secfirst.u...

Web (Beta): https://umbrella.secfirst.org

Github: https://github.com/securityfirst/

How would you let users know about this proxy without letting their government know about it? Instead of platforms like twitter, how about randomly giving out random proxies in some header that the app could query on cloudflare or google or akamai? Does Signal already make use of any CDN's for out-of-band signalling and fail-over? If the Signal proxy could expose an obfuscated load metric, then the CDN could pick another proxy via health checks. The proxy could advertise itself via CDN's as well.

That's the trick isn't it: having an entire population know something an oppressive government doesn't.

Even if you teach everyone how to deploy their own servers, then that's the knowledge the government will start targeting. You can make blocks expensive, i.e. blocking other major, useful services that would disrupt society too much for them to want to deal with, but this of course has its own costs.

It's censorship and surveillance all the way down.

As far as I know, Iran is much too open an society to actually prevent its citizens from knowing anything in particular.

That's not to say it's a free society or that censorship doesn't exist there, just that it's not the sort of regime that is particularly good at it.

If I had to guess, Iranian expats would be a likely set of people to start up proxy servers for their family and friends back home.

Yes, which is why Signal is doing a disservice by telling people to announce their proxies on Twitter. The expats should just tell their friends and family, and tell them to pass the word on only to people they trust.

But this doesn't stop them from doing that. If you have an expat friend or family member with a proxy, use theirs, if not, check the latest tweet with the hashtag and use that.

That is precisely why I am suggesting using a CDN. Old school CDN that is. Back in the day, if you had Akamai, your site would just use one (or many) of their generic names. Nowadays you can use your own domain to front their network, but you don't have to. If Signal was using a few CDN's and cycled through many generic end-point names, then Iran would have to block all the CDN's which would be nearly the same as shutting off the internet. This would not have to be the default mode of Signal. It could be an option that the client suggests. "Hey, it appears we are blocked. Use alternate proxies?" Then cycle through many different CDN's using many generic end-point names. Some of the CDN's can also do layer 4 vips and not have to decrypt anything. They can just act as a TCP tunnel if need be, just costs more.

At some point, the easier option is for there to be a revolution or some sort of governmental change.

Easy to say when it is not your life or your families’ lives at risk.

True but not everyone is keen to experience the civil war that often accompanies such a change.

That's what lead to this mess in the first place!

Communication is key to both of those things.

I think Signal is clearly recognising that nearly sny server or system they create will be blocked, which is why they recommended this being done on an individual layer.

From the article:

> A more discrete approach would be to only send the link via a DM or a non-public message. You can post something like this on your favorite social network:

> * #IRanASignalProxy Reply to this thread if you want the connection details, and follow me so I can DM you the link.*

No good; people working for the Iranian state will DM. Signal didn't think this through. No one should announce proxies via social media. Tell people how to set one up for friends and family.

> No good; people working for the Iranian state will DM.

They'll probably try, but it's not very scalable. It's tough to build and maintain a Twitter account with a history that looks like a real regular person, much less create a bunch of them fast with history that dates back before the day you started. If most of them make a modest effort to verify users, most of them should remain unblocked. It's all pretty decentralized, so it's not that big as deal if a few of them do get discovered and blocked.

People working for the Iranian state generally would be discernible from their Twitter account, and by controlling the information you hand out you can also flag the hidden accounts that aren't easily recognized.

You also overestimate how committed Iran is to stopping this. Doing this in public risks the state finding out, but outside of times of crisis the state is usually pretty slow to respond. Keeping it private tanks participation rates.

There are about 700,000 people of Iranian descent in the Los Angeles area alone (the largest such community in the US). Most of them are in the US to escape the regime, and most of friends and family in Iran who they keep in touch with. The people in Iran also have their own networks.

So a down-low friends and family approach could reach a lot of people.

If you just filter the amount of those 700,000 down to how many are aware Signal exists, I bet we'd already be at a low enough number to see the problem with your plan.

There are plenty of people that don't have friends of family in Iran but would still like to help.

> How would you let users know about this proxy without letting their government know about it?

From the blog post, "A more discrete approach would be to only send the link via a DM or a non-public message."

> how about randomly giving out random proxies in some header that the app could query on cloudflare or google or akamai

That would "..increases the chance that Iranian censors will simply add those IPs to their block list"

It looks like the solution provided in the blog post is limited to helping folks run their own proxy for people they know.

Generally speaking censorship by a government needs to be pretty poorly done at best. Taking out the bulk of the usage of Signal is easy, removing it completely is hard. Much better to apply minimum cost and effort where it counts most.

Yup, I would run one but I don't know any Iranians...

What is the state of the art on censorship resistance right now? This cat-and-mouse proxy fight never seems to go great for the good guys.

My last in-depth reading on it was the excellent 2016 SoK paper “Towards grounding censorship circumvention in empiricism” (http://www.cs.umd.edu/class/fall2018/cmsc818O/papers/sok-cen...)

The high level takeaway then seemed to be that researchers were not focusing efforts on measures that can actually help more people resist censors. Have we made progress since then?

I keep an eye on the work censorship.ai does as they are usually at the cutting edge of it: https://geneva.cs.umd.edu/papers/

Tor, Jigsaw's Outline, and V2RayNG are worth keeping tabs on as they're FOSS projects and do much of their development in the open.

Lantern's development whilst it was still open source was fascinating to see as well. Since 2016 (I believe) they stopped doing so out of security concerns: https://twitter.com/adamfisk/status/1316569766832869377

There are relatively good solutions like dns fronting on Amazon or Google, but they frown upon being used that way.

Telegram got around Russian censors by constantly pushing new IPs for their servers with Google Cloud. Of course this is a cat and mouse game as well, but it worked out well for them, since Russia didn't want to block all of Google/AWS.


So... federate but not really?

I'd heavily advise instead to run as many xmpp servers* as possible, and let people/friends use them.

*not matrix, unless one configures it to forget the data and only act as a message broker, like XMPP. For this specific use, it's better.

I do not know anyone in Iran but have spare cash to host a VPS or two. How can I help anyone without broadcasting my proxy for the censors to eventually get ahold of?

edit: https://twitter.com/alsdkjflasdkjf1

edit2: You can drop me a mail here, too: jegzc4na8j7@temp.mailbox.org

This proxy failed to be probing resistant. The PoC code is released by studentmain: https://github.com/signalapp/Signal-TLS-Proxy/issues/3#issue...

That's the sort of PoC that should be PGP encrypted to the Signal authors instead of publicly posted. Iran will have a field day with it being posted like this.

Except, of course, that posting public keys is too 1990s for him https://moxie.org/2015/02/24/gpg-and-me.html (which contains some good arguments but offers no solutions, so whatcha gonna do, post a phone number and trust the signal servers to give you the right public key? That's better than self-published public keys? For an anarchist? Is it smart to post phone numbers publicly anyway, see e.g. SS7?) Perhaps just ignore this paragraph, I'm just a confused person seeing mixed signals.

They've since deleted the issue, FWIW. Perhaps it was important enough this time ;)

it is pretty trivial though and an obvious deficit easily visible by just looking at the "code" or nginx config in this case... it is even trivial to come up with this without knowing any of the setups details...

Ironic how people want to help de-censor what's considered to be an enemy nation (by the media), but are ok with censoring half their next-door neighbors based on politics.

Nobody here thinks anyone in the US should be unable to use Signal.

...Until it gets branded as a white supremacist tool for encrypted communications.

Call me extremely pessimistic but events like Jan 6. will be used as justification to start attacking applications that offer end-to-end encryption, and encryption in general. Just like 9/11 was used to justify eroding certain civil liberties.

> One employee pointed out that fascists are often quite public about their activities, as the recent insurrection in broad daylight at the Capitol showed


Thanks to olah_1 for this reference

They’re already discussing what to do when “fascists” (read: Christian rednecks) start posting signal group links.

> One employee pointed out that fascists are often quite public about their activities, as the recent insurrection in broad daylight at the Capitol showed


Wouldn't Briar be a good choice? https://briarproject.org/

Apple devices are fairly rare in Iran.

They're fairly rare compared to Android in most countries, actually, also rich countries. That it doesn't work on Apple devices being seen as a blocker was the last thing I expected when clicking that link.

Signal could learn a lot from Telegram in this regard.

Russian govt had tried to block Telegram but telegram servers just keep jumping over various cidrs and users got the ip addresses for connecting over push updates and the only thing the govt succeeded in was blocking a wide range of subnets including AWS ranges and GCP ranges thus disrupting a whole lot of businesses and even some government services.

They gave up and lifted the ban eventually.


That article notes that Signal has been domain fronting since 2016. I think google has cracked down on it more recently though, and hence Signal has had to circumvent censors in a new way

Correct, both Google and Amazon told Signal not to use them for domain fronting: https://signal.org/blog/looking-back-on-the-front/

Gross! I wonder what motivated these decisions inside Amazon & Google. This likely affects the Tor project domain fronting as well.

We really should not have let the majority of internet traffic be served by a small handful of giant companies without some legal protections as to what they're allowed to do.

Believe me, I'm all about reigning in big tech.

But I would be 100% against any law that required them to allow domain fronting. It's fine if they want to, but requiring them to basically open up/leave open a hole in their systems is not right.

Probably malware using domain fronting techniques for C2 traffic played a role in that decision. E.g. https://threatpost.com/apt29-used-domain-fronting-tor-to-exe...

In general there are many things that are beneficial when used by good actors and harmful when used by bad actors. That's just the nature of power.

I'm really bothered by blanket policies that prevent beneficial uses of a tool because it can also be used to cause harm. Google and Amazon need to figure out how to disambiguate the two.

What I recall from the discussion back then is, that domain fronting basically means, that Signal would disguise itself as google or amazon traffic. So I would say, it is understandable, that they decided this is not good for their buisness.

So it was not an act by google and amazon to activly harm Signal, but rather canceling ongoing support of Signal, that could put their buisness to harm, which is something different.

I don't know.

In the grand scheme of things, I don't like how much infrastructure technology giants control.

In this specific case, however, domain fronting is basically saying "if you want to ban me, you have to ban all of us", without asking if the rest of "us" consent to be put on the same boat.

It would be cool if they are, but it's perfectly understandable for them to disagree.

What about Cloudflare?

Answer from Cloudflare team seems to be "No" - https://community.cloudflare.com/t/could-cloudflare-support-...

Surprised by that considering their willingness to work with ethereum on resolving .eth domains through .eth.link domains.

There has to be a cleverer way to solve the problem of having several domain names on the same IP than just sending the desired domain name in plaintext.

And this new way, while less convenient, is arguably superior due to its decentralisation. They’re not just going after one service they’re now going after people all around the world running these proxies.

Just set one up myself took 15 minutes and that includes setting up a fresh VPS.

Just thinking what the best way to share it is.

I've been mulling this over today, as your ability to get the name/IP of the proxy has to be censorship resistant as well.

The best idea I've had so far is using a CNAME response to a very common DNS query which would pass a basic filter, like I'd ask for "mail.mydomain.com" and it would respond with a CNAME pointing to the actual proxy. I have dead domains which I have configured with null records for MX and stuff (so spammers can't abuse them), I could hide the name of my proxies in the MX records a CNAMEs and nobody would be the wiser...

The trick is getting the word out on how to do it - like "hey everyone, just ask random domains for "mx.domain.com" and use the 30 level MX" or something which would pass as legit traffic. Maybe...

Using innocent sounding CNAMEs on abandoned domains is definitely a smart idea.

I’ve definitely got some old domains kicking about, I’ll see how far off they are from expiration and do something similar if they have at least a few months left in them.

The proxies themselves can also be hosted at normal sounding domains and subdomains like cdn.technology.memes or whatever.

And when you point other domains to them as CNAMEs use equally regular looking subdomains no algorithm would pick up as a proxy like webmail.abandoned.tld.

If your scheme for conveying innocent sounding proxy domains requires it's own innocent sounding domains what have you added?

To my thinking, it creates a chain of "it's really hard to block them all" - as soon as I saw (via the link) that you submit your new proxy to https://signal.tube I thought "...so the Iranian gov't just has to block any and all access - DNS, HTTP - to that domain" and people can't even see what proxies are out there. So if my friendly domain name is "learned as a Signal proxy" they just block my domain (personally, I'd use two domains to double-blind it).

My conceptual idea is that how you get the person the name of the proxy to use has to hide as signal amongst the noise and not get trapped in DNS/domain blocking filters - and if it's keyword blocked by the Great Firewall, you just start asking other random domains for their MX records etc. I believe it's generally referred to as steganography: https://en.wikipedia.org/wiki/Steganography

Re-read the OP. No connection is actually made to `signal.tube`, it's only a placeholder domain for triggering an Android registered link handler so that it will open in their app.

Thought following yours, I like the CDN idea - if you add in some dynamic DNS updates with random CNAME results it could also help - ask for cdn.example.com, get node182.example.com and 5 minutes later get a different CNAME result injected from some cron job...

lol i accidentally rented a decent VPS for 30 days in switzerland and now I have a use case for it whoo

Thank you. It's heartwarming to read about successes like this.

Immediate recalling John Gilmore (GNU/EFF/etc.) in 1993:

"The Net interprets censorship as damage and routes around it."

I believe telegram itself is blocked in Iran, though.

It is indeed. Iran does not shy away from blocking large swaths of the internet in order to make sure the parts they want blocked will remain blocked. For example, before 2009, there were specific blogs on wordpress.com which were blocked and making sure the content the government wanted inaccessible would remain inaccessible had turned into a whack-a-mole game. In 2009, they simply blocked the entirety of Wordpress, Facebook, YouTube, etc. and made their jobs much easier.

Iran would not hesitate to block all AWS IP addresses as a solution (I don't know if that is how they block Telegram now). GCP resources would not load in Iran anyway because Google has a very strict (much more strict than AWS and Azure) interpretation of the sanctions, so they don't have to worry about them.

Telegram blocking in Iran is theoretical. There are still a great many Iranians successfully using Telegram (via proxies or modified versions of the app).

> It is indeed. Iran does not shy away from blocking large swaths of the internet

> ran would not hesitate to block all AWS IP addresses as a solution

DNS will not resolve any .ir (.coms that are iranian) domains here in US, afaikt.

Not at all true. Try http://www.president.ir/en

That does not resolve for me. Neither do any of the news sites. I even tried government ministries, such as en.mop.ir.

    simple$ ping president.ir/en
    ping: cannot resolve president.ir/en: Unknown host  
    simple$ ping en.mop.ir
    ping: cannot resolve en.mop.ir: Unknown host   
    simple$ ping tehrantimes.com
    ping: cannot resolve tehrantimes.com: Unknown host
    simple$ ping presstv.com
    ping: cannot resolve presstv.com: Unknown host

That might be something your ISP is doing. Try

  dig www.president.ir @

Thanks. That got me the ip but browser won’t connect to it. So it’s blocked at the ip level. (Why would an ISP do this? Mine is one of the majors. Curious.)

Feels like there could be a good business in providing this CIDR-hopping push-updating proxy as a service other apps could embed. Like what CloudFlare does for DDoS protection, but as a forward-proxy + client middleware, instead of a reverse-proxy.

Depends on your definition of "good."

Dealing with hostility from government bodies is probably no fun.

While it worked in that case, it is not an invincible method.

> §560.204 Prohibited exportation, reexportation, sale, or supply of goods, technology, or services to Iran.

> Except as otherwise authorized pursuant to this part, and notwithstanding any contract entered into or any license or permit granted prior to May 7, 1995, the exportation, reexportation, sale, or supply, directly or indirectly, from the United States, or by a United States person, wherever located, of any goods, technology, or services to Iran or the Government of Iran is prohibited, including the exportation, reexportation, sale, or supply of any goods, technology, or services to a person in a third country undertaken with knowledge or reason to know that:

> (a) Such goods, technology, or services are intended specifically for supply, transshipment, or reexportation, directly or indirectly, to Iran or the Government of Iran; or

> (b) Such goods, technology, or services are intended specifically for use in the production of, for commingling with, or for incorporation into goods, technology, or services to be directly or indirectly supplied, transshipped, or reexported exclusively or predominantly to Iran or the Government of Iran.

For US citizens, does helping folks in Iran in this way with a Signal proxy fall under these terms?


I would keep in mind that the US has weird antiterror laws about assisting enemies and also laws which construe bypassing system designs as hacking.

For instance, Virgil Griffith is being held and charged for giving a high level description of bitcoin transactions at an academic conference in North Korea.

This is incredibly more specific and more technical of an act.


Virgil Griffith was told not to enter North Korea by the US government, and snuck in through China anyway. He admitted to specifically talking about how to use cryptocurrencies to avoid sanctions, and admitted he knew at the time that that was illegal.


Can someone who is a lawyer comment on this, please?

edit: further.. how is Signal shielded (if at all) from providing services to anyone in Iran? Wouldn't they be a target in such a case? The blog post is an explicit call for assistance specifically to do so.

Not a lawyer, but details of the sanctions are public[1], including Iran General License D-1 which covers services, software, and hardware incident to personal communications. The license has details for fee based and generally public free-of-charge services. We want Iranians to be free to communicate.[2]

[1]: https://home.treasury.gov/policy-issues/financial-sanctions/...

[2]: https://home.treasury.gov/news/press-releases/sm0322

> Executive order 13722, signed by President Donald Trump in 2016, prohibits U.S. persons from exporting services to *North Korea*.

Edit: You might find GitHub's description of how they handle this interesting: https://github.blog/2021-01-05-advancing-developer-freedom-g...

This law is trivially easy to get on the wrong side of. Something like this would be definitely in scope of the anti-terror law you're talking about. American HN users beware.

I wonder how many First Amendment lawyers would be champing at the bit to take a case where a prosecutor was dumb enough to charge someone with a crime for assisting dissidents to communicate.

Problem is that to many from the other side of the Atlantic "dissidents" look an awful lot like "terrorists".

Calling everybody "terrorists" is for politicians and pundits. Judges spend all day seeing through hyperbole like that.

What happens when Iran's government itself runs a bunch of these proxies?

Even worse, what happens when they MITM all of the installs because the docker container has really bad security such as:

RUN wget http://nginx.org/download/nginx-1.18.0.tar.gz


Installing via HTTP, with no verification of installer seems like a reallyyyyy bad idea.

I noticed the same thing, and filed an issue [1]. The first reply does not fill me with a lot of confidence (but it's unclear to me whether the person is affiliated with the project or not).

[1] https://github.com/signalapp/Signal-TLS-Proxy/issues/6

They have completely disabled issues on that repository. Wow I used to really like Signal...

And it seems they've fixed the issue, without any kind of public comment.... still not great: https://github.com/signalapp/Signal-TLS-Proxy/commit/39a97da...

I (partially) fixed this issue, and I'm not affiliated in any way with Signal. It's public (https://github.com/signalapp/Signal-TLS-Proxy/pull/2), and it looks like they welcome contributions, because they merged mine.

Wouldn't it be saner to also verify the downloaded archive hash? It looks like the domain resolving of nginx.org is trusted without doubt.

Sure! I also opened another PR to check the archive signature: https://github.com/signalapp/Signal-TLS-Proxy/pull/10

Sorry for not noticing your PR before filing the bug.

I still find the way they (partially) dealt with this a bit worrisome.

You'd be building and running these outside of Iran for them to work, which would limit the Iranian government's ability to perform the attack you describe.

That’s awful.

If all the traffic going via the proxies is e2e encrypted is there much that can happen?

But the fact that you are in Iran and using Signal may get you added to a watchlist. They can trace the IP addresses connecting to the proxy server back to a household or phone, no?

I don't think Iran is as oppressive a regime as you make it out to be. AFIAK the act of using (or attempting to use) Signal is not illegal. The resources required to trace an IP and track down the user simply because they used a messaging app seems unfeasable. Not to mention IP addresses on mobile devices are highly dynamic especially if you're jumping between wifi and cellular. Correct me if I'm wrong but I think in practice it's pretty hard to link IP addresses to actual individuals.

Not much. It's 99% certain that Iran already has the IPs of all Signal users, and they haven't penalized people for using encrypted messaging as of now.

Applications are open for YC Summer 2021

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact