First of all, thank you Moxie and the Signal team for this proxy.
I have a suggestion for the Signal team: please put Tor in Signal; Tor is better than any proxies or VPNs.
Regarding Tor: if you want a Signal-like app that uses an onion router look at Session. 
It uses the same encryption protocol and very similar UI to Signal but routes all traffic through the Loki network so your traffic passes through three nodes. It is an onion network like Tor.
One other benefit of Session is the lack of metadata inherent to its design. No phone numbers or even usernames are attached to your account. You get a set of characters that looks similar to a bitcoin address and a QR code to make sharing it easier.
Of course this lacks the convenience of Signal but it’s as hard to block as Tor.
1. An associated crypto-currency (not outright bad but weird smell IMO) 
2. Abandoned perfect forward secrecy and deniability 
3. Never completed an audit (though supposedly one is in progress) 
There are a million and one encrypted chat programs out there. Why should I use this one?
The lack of metadata is also quite a unique selling point in my eyes. There’s a million encrypted messengers now sure. How many automatically connect through an onion router with zero config required and don’t require you to create an account at all, but instead assign you a random ID disconnected entirely from your phone number, email, and other personal identifiers?
It’s certainly an option to consider is the only thing I’m saying. Tor was mentioned so Session popped into my head for the reasons mentioned above.
Regarding PFS. They currently implement the Signal Protocol. Session is of course FOSS so anyone can check this. Your source does say they’re planning to fork it as the Session Protocol later this year so it integrates with their network more easily. But that’s an upcoming, unfinished project. To be honest I don’t know much about it as it’s still in development. I do know that currently Session uses the Signal Protocol through an onion router without the need to so much as create an account.
And yes the network itself is a bit of a convoluted idea that tries to do many things at once, but the fact they run on a blockchain means they already have a lot of nodes set up in different countries around the world through which to route traffic, and the reason they could build a decentralised network quite quickly despite being a relatively young project is they incentivise those node operators with cryptocurrency.
Because it is a young project they are still undergoing an audit, yes. This is absolutely something worth noting. It’s a relatively new project. It’s no longer in beta, but nowhere near as well established as Signal. However it’s precisely because of this it’s unlikely governments are bothering to target it yet.
I don't get the prejudice some have against blockchains either. It's not even like this is Keybase where they shoehorned a crypto wallet into the app. They do have a wallet but it's a totally separate application. Session is purely a messenger and nothing else, you'd have no idea a blockchain was involved at any part of the backend if you weren't told about it.
I have played around with Tox and it's a cool project, but it's been in beta since 2014 and is not well optimised for mobile at all. I don't think it'll go very far personally.
But yes you are correct it looks like they're justifying ditching PFS by saying "if someone has your keys you're screwed anyway."
However they're not just stripping away security outright, it's more that they're betting on onion routing to cover the user instead - no one who is sniffing traffic on your WiFi network will be able to get your keys because the traffic is routed through the onion network, therefore the only way anyone would get those keys is by pwning your entire device or having physical access to it while it's decrypted which, as they note, is endgame no matter what messenger you use.
I don't necessarily think this is smart as it's best to not put all your eggs in one basket especially where security is concerned. But given all traffic goes between 5-7 nodes, the scope for someone without remote or physical access to your device to get your keys is extremely limited assuming their onion network is as secure as they claim.
As for deniability, they sign the message with the long-term keypair, but once the message is validated this signature is wiped. So again it pretty much comes down to relying on their onion routing to ensure this signature isn't intercepted in transit.
Finally I think it's relevant Session is really designed for a different use case than Signal - since your ID is not connected to any personal identifiers, you can wipe it whenever you want and get a new ID that has zero cryptographic connection to the old one. So while there's no ratcheting of keys, the intention isn't really for someone to stick with the same account for years like it is for Signal where your account uses your phone number as an identifier.
I'll wait for the results of the audit, if they come out and say Session is fundamentally flawed I'll happily concede. I have zero ties to this project aside from finding it useful for particular use cases. My prediction is the initial audit will find some potential vulns as they roll out more of the Session Protocol simply because it's a new fork. Probably why they're getting the audit done now. That's the responsible move when forking a crypto protocol it seems to me.
I maintain that for people who want a messenger that knows as little about them as possible, doesn't rely on a personal identifier, and connects to an onion router reliably (by comparison, using Tor on mobile is... not a good experience) it's at very least an interesting project to watch even if it still needs time to mature.
As we have seen, if they have your device, it’s over even if you use ratcheting etc.
Regarding your footnote #2 about PFS, it said this (among other things).
> In some theoretical scenarios, these properties do protect users; however the utility of these protections in real-world scenarios is often more limited in scope than might be expected. We must also consider that these safeguards are offered at the expense of additional complexity, decreased account portability, and multi-device limitations. These protocols were simply not designed to be run over a decentralised network.
I have to say, I’ve considered the utility of it myself. It seems to me that I’m far, far more likely to have my chats compromised through my chats being stored in plain text on my devices than in a technical scenario that PFS could have prevented. What do you think?
Preface: I've been in it since 2011, but I entirely agree. It's still too complicated for most users, but we as a community have gone a long way from where we were 10 years ago, so we certainly have blinders as to where to improve upon.
Could you specify what it is specifically that makes the overall UX so disappointing? I ask because I think we are now entering a phase of on-boarding a lot of non-tech people onto the BTC network as payment settlement networks and other misc financial services, something I already have personal experience with, but having a tech person lay these out would be a tremendous help.
Session has a pretty nice UX though, better than Wickr which has been around longer, although not as refined as Wire. It's pretty much a more barebones Signal without phone numbers as far as pure UX goes. It should follow the system setting for dark mode though. No idea why it doesn't.
> I have to say, I’ve considered the utility of it myself. It seems to me that I’m far, far more likely to have my chats compromised through my chats being stored in plain text on my devices than in a technical scenario that PFS could have prevented. What do you think?
To be honest I agree. It's always good to have layers of security in case there's an exploited vulnerability in one. However, it seems pretty far fetched that someone with the ability to pull off a successful attack to grab your keys in the first place is going to be stopped from grabbing past messages by PFS.
If they've got your keys they've either cracked the layers of encryption that protect them in transit (highly unlikely) or they've pwned your device (much more likely). If they've got remote code execution on your device PFS isn't going to make any difference to anything. As you say, messages stored in plaintext is a far bigger real world risk.
This is why I always have disappearing messages on. That makes me feel safer than PFS. At least then in the worst case scenario past messages simply aren't there in storage.
To put it another way, if I had to choose between disappearing messages and PFS, and I could only have one, I'd choose disappearing messages.
And it does also seem to me less like they're removing security, more like they're relying on a different form of it. They're having to strip PFS to make the protocol work reliably on their onion network. The fact all my traffic goes E2EE through 5-7 nodes, as per the technical description, should provide a strong level of protection against any traffic sniffing threat model assuming their fancy new way of doing onion routing is as secure as they say.
It seems to me that's what it really hinges on. As long as their onion router is actually secure, the E2EE messages are going to be secure in transit.
The biggest risk then would come back to unpatched exploits or 0days in the OS or side channel attacks in Session itself. That's how most attacks on messengers succeed after all, not by complex attacks on the crypto protocol but through side channel attacks in the application or exploits in the underlying OS.
I suspect that is the future for encrypted messaging. Pretty much everyone ends up keeping their old messages around thus negating the value of forward secrecy. Deniability ends up being just some forgability scheme in most cases.
So the benefit of those features turned out to not be worth the extra risk of the added complexity.
Also, Session is promoted as a non-profit project, but following links around about LokiNet and Oxen you find out about a blockchain-based cryptocurrency, which is known to be an anti-pattern on many levels (though they use Proof-of-Service not Proof-of-Work which is slightly less bad).
Finally, Session appears to be free software (good), but is not distributed on F-Droid, the only privacy/security-friendly app store for Android. They encourage you to download random APKs from Google Play (which requires Google Play Services malware and a Google account) or GitHub (owned by Microsoft, though I note they sign checksums with PGP on GitHub so it's safer to download from there than Google Play, even though they don't provide instructions on how to verify signatures). On F-Droid, they could either have F-Droid build/distribute the package with F-Droid's PGP key, or open their own F-Droid repo with their own PGP key (like NewPipe did), or both.
I really appreciate their communication around dissent and the need to protect communications to help the people against their governments. However these three points I just noted are really shady to say the least. I understand they need to please investors to put money in their fridges, however trying to mix for-profit incentives with non-profit services to the communities is always a dead-end.
They don’t have to, they just need Facebook to cooperate.
To be clear I’m not suggesting this is absolutely happening. I’m merely pointing out it’s entirely possible from a technological perspective given it’s closed source software owned by Facebook. That’s not a recipe for privacy.
I'd love for iOS and android to add some sort of OS-level application hash or something. "This app was compiled with xcode version X / llvm version Y with this set of options. The resulting binary hashes to ZZZ". That way with the source code you could verify that the binary on your phone is unchanged.
(Another approach would be to get apple / google to do the compilation themselves from the project on github. If apple builds my project, they could put some signed metadata in the bundle saying "We (apple) compiled this from git SHA XXX")
It's an issue with Play Store as a delivery channel, the individual app in question can't do much about that.
Reproducible builds help if you:
- download the APK separately (including from the Signal website, or some of the other sources)
- install the file locally via sideload
- disable updates (!)
On iOS it's a lot more difficult to get the required certificates from Apple but you can run your own build in Xcode and deploy it to your personal device if you are a registered Apple developer.
While reproducible builds are obviously the gold standard, for apps you install from the Play Store or the App Store, developers sign the apps that get distributed with their own private keys. As Google and Apple don’t have access to these it should be verifiable that the apps are not tampered with.
There is an exception here with the Play Store, where there is an opt-in option for Google to sign the app on your behalf , but I think we can safely assume Signal are manually signing with their own private keys.
In any case it's easy to just grab an APK from an Android device and check signatures for yourself.
For iOS though, no surprises here it’s locked down. Although from what I gather reading Apple’s security documentation, it confirms that apps must be signed by developers with their private keys. But unlike Android there’s sadly no way I can tell for the user to independently verify this without jailbreaking.
But ultimately, short of building each version yourself, all this is moot if you distrust the developers.
You can build the iOS version too for development: https://github.com/signalapp/Signal-iOS/blob/master/BUILDING...
I haven't done it before but you should even be able to deploy that build to your phone in theory: https://codewithchris.com/deploy-your-app-on-an-iphone/
It's unclear to me if there are any restrictions on iOS that would prevent you from doing that.
You can certainly get your own build working (without notifications and other features). But personally I found it prohibitively difficult to do so.
But reverse engineering is a skill in itself and modern day smartphone OSes use a lot of code obfuscation when apps are compiled. This effectively means even those talented hackers are going through the reverse engineering process pulling at threads until they get lucky.
Reverse engineering (in this context, at least) doesn't just show you the code as the developer wrote it. And FB hires a lot of very clever people including cybersecurity experts who could sneak these things in using innocent looking code scrambled around the app. Even open source projects are at risk of having backdoors put in that pass review and simply look like innocent bugs if they get discovered, let alone closed source apps that have to be reverse engineered.
Again not going conspiracy nut and saying that's what FB is doing. Just saying it'd be very easy for FB to hide it if they were doing it.
To me the biggest confirmed weakness of WhatsApp is the cloud backups. E2EE is pointless when the message database is synced up to iCloud or Google Drive. WhatsApp even tells you this itself. When you enable cloud backups (and they keep bugging you until you do it) it literally tells you the backups aren't secured by E2EE. Because, well, of course they aren't.
"Media and messages you back up aren't protected by WhatsApp end-to-end encryption while in iCloud."
If I wanted to I could install a fork of Signal that doesn't require Google Play and run it on any non-Google Android build. I would do so if it wasn't for the fact I'm currently using an iPhone.
The auto update functionality just tells you that an update is available, you can choose not to install it. You can also independently verify that the sha256 sum matches the one given on the website, and that the binary that sha256 sum corresponds to is produced via the reproducible build instructions. There are occasional bugs (I'd estimate a couple times a year, though it's less and less frequent) that causes the reproducible build to not match the provided build, and it's quickly noticed by someone and an issue opened in the issue tracker. If there were no explanation or no quick resolution, people would publicly raise a stink about it.
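The two checks discussed in this part of the thread, pulling the installed APK off the device to inspect its signature (a few replies up) and comparing the file's SHA-256 with the one published on the website (this reply), as one script. This is an added example, not code from the thread or from the Signal project. It assumes adb and apksigner (from the Android SDK build-tools) are on PATH and that sha256sum is available; org.thoughtcrime.securesms is Signal's Android package id, and the EXPECTED_* digests are values you supply from a trusted channel (the download page, or a previous known-good install), not values taken from this page.

```shell
#!/bin/sh
# Added example (not from the thread or from the Signal project): pull the
# installed Signal APK off an Android device, check the signing certificate and
# compare the file digest with a published checksum.
# Assumptions: adb and apksigner (Android SDK build-tools) are on PATH;
# org.thoughtcrime.securesms is Signal's package id; the EXPECTED_* values are
# supplied by you from a trusted channel (website, previous known-good install).
set -eu

PKG="org.thoughtcrime.securesms"
EXPECTED_CERT_SHA256="${EXPECTED_CERT_SHA256:-}"   # signer certificate digest (pin this)
EXPECTED_APK_SHA256="${EXPECTED_APK_SHA256:-}"     # digest of the APK file as published

# Normalise a hex digest so "29:F3:..." and "29f3..." compare equal.
norm_hex() {
  printf '%s' "$1" | tr 'A-F' 'a-f' | tr -d ': \n'
}

# Pull the "Signer #1 certificate SHA-256 digest" line out of
# `apksigner verify --print-certs` output ($1 is that output as text).
cert_sha256_from_apksigner() {
  printf '%s\n' "$1" | sed -n 's/^Signer #1 certificate SHA-256 digest: *//p' | head -n 1
}

# 0 when observed digest $1 equals expected digest $2; an unset expectation never matches.
digest_matches() {
  [ -n "$2" ] && [ "$(norm_hex "$1")" = "$(norm_hex "$2")" ]
}

# Copy the installed APK to $1. `pm path` lists base.apk first; split APKs follow.
pull_apk() {
  path="$(adb shell pm path "$PKG" | tr -d '\r' | sed -n 's/^package://p' | head -n 1)"
  [ -n "$path" ] || { echo "$PKG is not installed on the device" >&2; return 1; }
  adb pull "$path" "$1" >/dev/null
}

# Verify the APK at $1: signature scheme validity, signer certificate, file digest.
verify_apk() {
  out="$(apksigner verify --verbose --print-certs "$1")"   # exits (set -e) if no valid signature
  cert="$(cert_sha256_from_apksigner "$out")"
  echo "signer certificate SHA-256: $cert"
  if digest_matches "$cert" "$EXPECTED_CERT_SHA256"; then
    echo "certificate matches the pinned signer"
  else
    echo "WARNING: certificate does not match EXPECTED_CERT_SHA256 (or it is unset)" >&2
  fi
  file_sha="$(sha256sum "$1" | cut -d' ' -f1)"
  echo "APK SHA-256: $file_sha"
  if digest_matches "$file_sha" "$EXPECTED_APK_SHA256"; then
    echo "APK digest matches the published checksum"
  else
    echo "WARNING: APK digest does not match EXPECTED_APK_SHA256 (or it is unset)" >&2
  fi
}

# Usage: EXPECTED_CERT_SHA256=... EXPECTED_APK_SHA256=... ./check_signal_apk.sh run
if [ "${1:-}" = "run" ]; then
  pull_apk ./signal.apk
  verify_apk ./signal.apk
fi
```

Pin the signer certificate digest rather than the APK digest: the APK hash changes with every release, the signing certificate does not, so a different certificate on an update is the thing to alarm on. apksigner verify also reports whether the v1/v2/v3 signature schemes validate, which catches a modified file even when the certificate printed looks right. On devices with split APKs, pm path prints several paths; the script takes the first (normally base.apk).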
There is a time bomb in there and servers will kick you out regularly unless you have updated.
If you get a patched client running you could probably change whatever string is required but some sort of action is required on the client side.
It makes it impractical to actually audit the code you're running, because you're forced to re-audit on Signal's schedule. And it makes those audits mostly meaningless: what are you going to do if you decide a given code change is suspicious? You can't keep using the version of the code you were happy with, so you'd better have a plan in place for moving off Signal quickly - but in that case how much can you gain from using it at all?
This is just bullshit. If you have access to the binaries you can find out what the software does.
Not saying this happens, one possibility can always be to send encrypted traffic to WhatsApp servers while opening a second unencrypted channel to govt servers if a govt asks for it.
This proxy arrangement is better because folks who start them tell their friends in Iran, who tell their friends, but it isn't listed publicly, like most Tor entry nodes are. When the authorities find a proxy and block it, they only disconnect a subset of Signal users, who hopefully have other proxies they've learned from other friends or friends-of-friends. So now the blocking is trying to put out a thousand small fires that they have to find one-by-one.
<I have consulted for the Signal Foundation in the past, but not recently and haven't talked with anyone there about this>
If you can help share more proxies to people who need them, please send me an email (in my HN profile).
I don't remember what it's called, but I think the app is official by the Tor devs and basically makes a local VPN that your phone connects to and then forwards all traffic through Tor. It was on F-Droid last time I checked.
Can you explain this?
Let's say you use the Tor browser to browse some regular (non-Tor) site that is illegal in your country for whatever reason. But let's say you then remember you still haven't paid your taxes so you open a new tab and quickly go do that. But you're still in the Tor browser, so your e-banking traffic is going out the same exit node as your "illegal" traffic. Now, anyone that saw both of those things come out of the same node can conclude that it's somewhat likely both were done by the same person. If that someone is the government, they can get access logs from your bank and see which account was accessed by the exit node's IP. The more times you do this, the stronger the link between you personally and the illegal site is.
Of course, doing your taxes through the same Tor session is something most people would know to not do, but if your entire device is tunneled through Tor, you no longer have a say in what data it leaks. Your banking app probably sends requests periodically in the background to check for updates or whatever, your email client syncs your emails, etc. If any one of those services can be coerced by your government (and chances are they can) then whatever illegal things you do in that session can be loosely linked to you. I say loosely, because there are many people on one exit node, but the data points start adding up after a while (and depending on the insanity of your leaders, just being on the list of candidates might be enough to disappear you).
As for how they would get that metadata in the first place, there are a few ways. The exit node might be under their jurisdiction, but since we're talking about bypassing censorship, it certainly isn't. They could also have compromised the "illegal" server (hacked/coerced/honeypot...), in which case it's just a matter of cross-referencing the site's logs with anything they can get their hands on (and if the government is authoritarian enough, they probably already have access to a lot). The last option is compromising the exit node, which is also not impossible. There's nothing stopping your government from setting up a thousand Tor exit nodes and logging all the metadata. If you're constantly running Tor, chances are you land on one of their exit nodes eventually.
DISCLAIMER: the above was probably a bit too paranoid, but as I have zero experience hiding from an authoritarian government, I'm not in a position to judge how much paranoia is justified. It's entirely possible that none of this applies because your specific adversary doesn't employ these specific de-anonymization tactics, but that is something you need to know for your specific situation. I assumed an "everything is fucked" threat model here, but yours might not be as severe and other types of mitigations might be more appropriate.
That isn't how Tor works. Tor creates a new circuit for each new host you connect to, and they also create new circuits for the same host fairly regularly (every 15 minutes I think) -- both of which are done specifically to avoid this precise attack.
I also don't have experience dealing with an authoritarian regime, and there are many more aspects to OPSEC than just using Tor (after all, Tor doesn't look like normal internet traffic unless you use obfuscators -- so an authoritarian regime can just target all Tor users, which is why having Tor be used by more people is important for improving anonymity). But Tor has already dealt with obvious attacks like the one you outlined.
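For the scenario discussed in the two comments above (a whole device tunnelled through Tor, with several apps sharing one SOCKS or transparent-proxy port), the relevant controls are Tor's stream isolation flags. The following torrc fragment is an added example, not something posted in the thread; it assumes a Tor daemon on the device that reads a torrc (Orbot on Android exposes the same settings through its own configuration). For reference, Tor's shipped defaults are IsolateClientAddr and IsolateSOCKSAuth on, the destination-based flags off, and MaxCircuitDirtiness 600 seconds.

```text
# Added example torrc fragment (not from the thread). Assumes a Tor daemon on the
# device that reads a torrc. Defaults: IsolateClientAddr and IsolateSOCKSAuth are
# on; IsolateDestAddr, IsolateDestPort and IsolateClientProtocol are off.

# Port for browsing: one circuit per destination host and port, so a tab on a
# sensitive site and a tab on your bank never leave through the same exit.
SocksPort 9050 IsolateDestAddr IsolateDestPort

# Port for other local clients: apps that pass a distinct SOCKS username/password
# get their own circuits (IsolateSOCKSAuth is already the default).
SocksPort 9060 IsolateSOCKSAuth

# Transparent-proxy port used by "whole device" VPN-mode setups: without
# IsolateDestAddr, every background app on the phone shares circuits.
TransPort 9040 IsolateDestAddr

# Retire a circuit after this many seconds of use (default 600).
MaxCircuitDirtiness 300
```

Isolation is per flow, not per identity: with IsolateDestAddr each destination gets its own circuit, but everything sent to that destination during the circuit's lifetime still shares one exit. The cost is more circuit builds, which the Tor manual warns adds load on the network and latency for the client; Tor Browser gets the same separation by supplying a different SOCKS username per first-party domain on a port with IsolateSOCKSAuth.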
But maybe so many people in Iran use Tor that it's not very outstanding to use it? I remember there were stats on that published on the Tor Project Website...
Edit: To answer myself after 5 minutes of thinking: Of course there are bridges, too. I guess they don't appear as suspicious as regular entry nodes?
You can get a tor proxy for Android at
Caddy has a secure forward proxy plugin born out of a research project at Google that does something similar, but works with any clients that let you configure HTTP proxies, and doesn't terminate TLS: instead it tunnels it over TLS. The proxy server itself can also be probe-resistant, i.e. difficult to detect that a website is acting as a proxy.
I'm hoping more people can help test the patch to support Caddy v2: https://github.com/caddyserver/forwardproxy/pull/74
(Edit: Disclaimer - Don't use this in situations where your personal safety or freedom could be at risk... not yet. Not until more people with more experience can vet its implementation for bugs, and a very clear threat profile can be drawn up. If you have experience with this, we'd love your help.)
>Don't use this in situations where your personal safety or freedom could be at risk
reason why I have a general disregard for technologies that are based on some sort of "link" AFK, phone number or the stupid Facebook real name policy. this is as of today being used to crack down on dissent. what you are saying is true but https://thenextweb.com/in/2020/01/08/kashmirs-police-want-pe...
when you have your govt do this, how can you keep your Signal account private? your phone is already listed. isn't it? Can't the police see if you are on Signal and if online means you are bypassing them somehow regardless of what you might be saying?
No, it's pretty good. Think about it: all DPIs can see is an ordinary https connection. Since the traffic itself is encrypted, to discriminate this from normal web browsing the DPI device can only depend on metadata. Classic moves are:
1. Packet length pattern for TLS-in-TLS.
2. TLS fingerprinting.
The first could be defeated by adding padding to the first few packets of each of your connections. 
The second.. someone built a socks5 <-> https CONNECT proxy client out of Chrome's codebase, which means it shares all the fingerprint with Chrome and you really can't tell.
Note that TLS over TLS is _not_ the same thing as TCP over TCP. TCP over TCP is usually only a problem for VPNs or something similar (i.e. anything that sends raw IP packets over TCP).
Yet, in the US these companies help the mainstream narrative to enforce censorship by banning (Google and Apple App market) or simply not offering other point of views basic hosting services (AWS).
I am an Iranian and don't agree with all of our government actions but I can clearly see a tech neo-colonialism/neo-imperialism here. I am sure Signal's intention and people wanting to help is genuinely good but this does not change this double-standard.
I would like to see your supportive reaction if an Iranian company offers hosting to Parler. I imagine you would call it foreign intervention!
This is a hacker forum and not a US foreign ministry praise board, even though it is mainly US based. In other words, I doubt the reaction here would be rage, if an Iranian company would do that. Hackers usually are not in favor of censorship or information restriction.
So who do you mean, with "you"?
There are many comments on previous HN threads defending censorship and information restriction, precisely as the GP has described it.
Rather the contrary. Anyway, by my tautological definition of hacker, no hacker would be in favor of banning a communication app, anyway, so ...
Amazon, Apple, Google, Twitter, Facebook, etc. are multibillion-dollar corporations that control a colossal share of online communications.
Let's not play pretend here.
Would you also say that tech companies banning ISIS is systematically oppressing members of one religion?
> that's the antithesis of free speech
It’s not. Companies enjoy freedom of speech too, but you’d force them to publish content they don’t want to publish. That’s the antithesis of free speech.
I agree I could have said it more clearly and less emotionally.
Why THESE companies? Where did Signal do this? Or are all US companies the same entity to you?
In this simplistic viewpoint, issues in 3rd world countries (even this naming is condescending) are assumed to be evident. In this case an evil government versus oppressed people who can not even communicate with each other freely. So 'we' good people must help these poor people against their oppressive government.
This is in contrast to a much more nuanced view of the issues in the west. End-to-end encryption is a debated issue in the US and EU and legislators have proposed laws to ban it or to enforce other mechanisms to circumvent it by law enforcement such as backdoors.
I mentioned the US as an example, because Signal is operating under US jurisdiction. Moreover, the recent events in the US demonstrated how a supposedly stable democracy is vulnerable to chaos. In this situation the tech companies decided to limit the communication of people or access to their platform for the greater good (according to them). I am not stating whether this is good or bad. I just want to point out that the issue is complex, nuanced and needs debate in the society. Keep in mind that the US is a superpower surrounded by two oceans and two friendly countries and has no serious external threat.
This is in contrast to Iran which is in a chaotic region and surrounded by the US military bases. It has suffered wars and coup in its recent history. It is currently under harsh economic sanctions with a possible goal of people revolting. The Iranian government has reasons to be paranoid and fearful that Signal can be used to organize violent demonstration. They cannot even demand information regarding criminal cases such as drug trafficking from these tech companies.
In the US the decision of giving access to tools and platforms is out-sourced to companies but in most part of the world governments make these kind of policies (again not necessarily good or bad).
I don't have a solution to these problems and I am not trying to say that we have an equivalence here. What I am expecting is a more nuanced and sophisticated perspective toward the issue.
It looks to me like you try to cloud your false argument in whataboutisms based upon a profound lack of knowledge:
> I mentioned the US as an example, because Signal is operating under US jurisdiction.
The reason Signal is a good way to go is because this doesn't matter. Signal doesn't save any conversations they can hand over to the US (or other) government.
> This is in contrast to Iran which is in a chaotic region and surrounded by the US military bases.
Yeah, yeah I get it. We all do. US = bad but how does it change anything for the oppressed people in Iran we can help here? If those would have been people in the US, we'd be doing the same thing for them here in the EU.
> What I am expecting is a more nuanced and sophisticated perspective toward the issue.
A whataboutism and derailment of the issue is neither nuanced nor sophisticated. It's quite shady and ignorant.
Here is something you can do to help people out but instead of doing that, you try to build some weird case which actually helps the Iranian government.
And sure enough, the FBI is investigating.
Signal is a charity rather than a company, but dunno if that makes any actual difference.
It's fine with me if an Iranian company offers to host Parler.
Having said that, I'm also in favor of prosecuting US companies that violate any sanctions we have against Iran.
> Why are you in favor of sanctions on Iran?
My position isn't that Iranian sanctions are a good idea - I don't yet have an informed opinion about them.
We have laws against US companies trading with Iran and
I believe in the rule of law as a general principle.
Can someone please explain to me why it's a OK to reconnect Iranians to Signal, but not Trump supporters to Twitter (the ones censored and banned by Twitter)?
If you want to reconnect people to twitter (a publishing platform) who have been banned for racist hate speech or inciting violence, and the laws in your jurisdiction permit you to do that. Then you can do that without going to jail.
If you want to reconnect people to Signal (a personal communications tool) who have been disconnected from it due to reasons best understood by the Iranian government, and the laws in your jurisdiction permit you to do that. Then you can do that without going to jail.
It's really just a value judgement whether you consider giving a publishing platform to racists against the will of said publishing platform is a worthwhile activity.
And, again, it's just a value judgement whether you consider giving the right to privately communicate back to Iranians who have been, effectively, deprived of it by connecting them to a service which will willingly have them is a worthwhile activity.
Your values may differ from mine. And both my and your values could differ from the majority of HN users. My experience is that perfect alignments of values rarely, if ever, occur between any two individuals.
But let's just assume we both dislike the editorial policies of Twitter. A pretty safe assumption, I think :)
Will spamming Twitter via a network of TLS proxies do anything to change their editorial policy to something more preferable to you or I?
Will setting up a network of TLS proxies to Signal give Iranians access to Signal?
Perhaps the answer to those two questions will give some indication as to what the practical (and moral) differences are.
For my two pence. I think anyone should be allowed to use a phone for any purpose, and I accept that a tap-proof phone can be used to commit crimes. I don't think Osama Bin Laden should be able to take out a page in the new york times to give his hot take on his "hugely successful" WTC attacks. Don't get me wrong, I'm not saying that these examples map directly to the point in hand, but I am just pointing out that they are different media and the balance between freedom of speech and public decency are struck differently and that tactics for finding political solutions to censorship in each case might look different, too.
Iran's (authoritarian, human-rights-abusing) government wants to prevent citizens from communicating with each other using tools that are resistant to interception by their secret police. HN supports the basic human right to privacy, and thus wants to help Iranians circumvent unjust laws or government actions.
White supremacists (who happen to support Trump, because duh) are being banned by Twitter -- a company, notably distinct from a government, and thus incapable of "censoring" anything. This prevents them from using Twitter's platform to publish hate speech and (arguably illegal, definitely unjust) calls to violence. HN supports the right of a company to decide who can publish content on their platform and agrees that it's cool to tell racists that they aren't welcome there.
Meanwhile we are blocking Iranians from accessing Docker, Slack, Gitlab, Google Code, Github (until recently), Paypal, Apple Store, Play Store, AWS, Coursera, Adobe, Nvidia, AVG, Avast, Symantec, McAfee, Matlab!!, Oracle and many more.
It should be really fun to use Internet in Iran.
Jokes aside, it's truly painful. I was lucky to have a job that got me out easily. Though it felt embarrassing when I saw everyone using Docker and AWS extensively at my new job while I had never used them properly, not because I wasn't smart enough but just because of where I was born :(
Is there no way to build this in the Signal clients themselves? E.g. one is on a wifi, try to UPnP, ask the user if they'd wish to help.
They can donate some money to charities running Tor nodes while they're at it, or run some themselves.
Iran tried to censor Tor too, but it's pretty much impossible to do so fully. At least the Tor devs are usually on top of it, while Signal is inexperienced dealing with things like this.
The fact that it is?
There are secret bridges and Tor is able to disguise its traffic as other 'legitimate' protocols.
My ex moved to China, and she told me that the only people who say Tor can't be blocked are people who have never lived in a country where the government is actively trying to block it. Just because you can connect to it doesn't mean you won't get a knock on the door in a month asking why.
Iran can block these proxies, too, but this way there isn't any centralized listing of proxies. This proxy setup is simple enough that a single person could run a proxy for a few dozen of their friends, and the Iranian government might just never find out about it.
I fear that some naive Western expat will participate and find themselves a hostage. Many countries in this don't have any treaties with Western nations, and they don't have high regard for human rights either.
One could use censorship evading VPNs like Tor, Lantern, Shadowsocks, Psiphon in addition to using these proxies. They all have different evasion mechanisms.
The thing that works for user-run proxies is, it is like a hydra, you censor one proxy another crops up.
Regardless, I hope this does actually end up working, and allows Iranians to use Signal without a prolonged cat-and-mouse game.
The TLS proxy Signal just advertised uses the plaintext TLS SNI header to determine where to route the packets, which makes it really trivial to detect and/or block. The same cannot be said about Tor.
Signal's TLS proxy is naive compared to obfs4, but at its core it's a similar solution.
So no, it's not 'blocked'. They're just trying. Mostly by blocking bridges they know of.
$ docker logs shadowsocks 2>&1| grep "AEAD: repeat salt detected" | wc -l
It's not easy to build a protocol that is cryptographically safe all while keep the traffic characterless/innocent. Could be a "World Changing Event" if somebody discovered a way through.
Although, if only Signal is making nice sized packets, that could be suspicious.
If the censor already knows about your proxy they would have no reason to test it... The whole point is that there isn't a central list of proxies for them to easily block.
If it's trivial to figure out (by doing a nice handshake) whether something is a certain kind of proxy, then the cat-and-mouse game is reduced from finding lots of mice to updating the cat system to test whether passing animals are mice and instantly wiping out the mice population.
YET. I wonder if someone will find a simple way to map these with shodan.
I fully expect the US govt to have access to fb/whatsapp data (at least the metadata), but it's a bit surprising to me that Iran would too.
They certainly aren't complying with U.S. antitrust laws. They comply if it makes them money and don't comply if it doesn't make them money.
I guess I'm coming down hard on one side of a controversial question, but in my mind, if it allows the server to intercept messages without users knowing about it under the default configuration, it's a backdoor.
— Perhaps the door is cracked (or ajar) and a microphone is listening in ... still?
I could not test it with the Signal client yet, because the Beta is not yet available for me. However I verified that the nested TLS works using openssl and netcat.
Looking into their repo, they also appear to be building an nginx image from docker.io/ubuntu:20.04 instead of using docker.io/nginx. They are also running two separate nginx processes. I wonder how they ended up with this weird intricate setup.
I would be glad to help if they offered straightforward instructions.
Also the way they’ve done it makes it incredibly easy for anyone who isn’t a tech expert with a web server to still help out with a $5 domain and a $5 VPS. You literally run three commands and it’s done.
They want as many people as possible running these so blocking them all is as difficult as possible. It’s the smartest approach to have a low barrier to entry for something like this.
Without federation, Signal is just another stepping stone in the long path of eventually abandoned instant messengers, all the way back from ICQ. We will get to an SMTP-like protocol, and email-like service, at some point. If not Signal, some other one.
It’s why we’re not using SMTP for chat. SMTP can’t be extended enough so replacements are built instead.
Similarly if signal federated, eventually it would freeze and a few years later users would move to wherever they could get new features.
Federation is a good thing but only when the protocol is finished or if there is a forcing mechanism to allow updates to the protocol. Ethereum/Bitcoin are good examples as they have flag days that force the value of currency to be in the balance to keep the protocol moving forward.
I'm not sure "chat" needs this much constant "innovation" at the protocol level. Most of the issues with email are client UX more so than actual protocol limitations.
I think XMPP is a better comparison than SMTP. In its heyday, XMPP had several clients, some with different proprietary extensions, and all the core functionality basically worked across all the clients. Though it turns out some of the messengers I thought were XMPP were actually different protocols that XMPP could work with. Imagine that. People still use it too, though it's not as popular as it was in the 2000s.
Moxie, one of the original authors of the Signal protocol, said federation severely restricted flexibility and so they had to move on: https://news.ycombinator.com/item?id=11668912
Agreeing on and keeping some spec up to date is a solved problem. Just ask any web standards committee.
Do any SMTP servers still allow organic routing? I was under the impression that all modern servers have extremely cumbersome auth/DKIM and it's hard to not be GMail and still send a real msg and have it arrive.
More info: https://www.secfirst.org.
Web (Beta): https://umbrella.secfirst.org
Even if you teach everyone how to deploy their own servers, then that's the knowledge the government will start targeting. You can make blocks expensive, i.e. blocking other major, useful services that would disrupt society too much for them to want to deal with, but this of course has its own costs.
It's censorship and surveillance all the way down.
That's not to say it's a free society or that censorship doesn't exist there, just that it's not the sort of regime that is particularly good at it.
If I had to guess, Iranian expats would be a likely set of people to start up proxy servers for their family and friends back home.
From the article:
> A more discrete approach would be to only send the link via a DM or a non-public message. You can post something like this on your favorite social network:
> * #IRanASignalProxy Reply to this thread if you want the connection details, and follow me so I can DM you the link.*
They'll probably try, but it's not very scalable. It's tough to build and maintain a Twitter account with a history that looks like a real regular person, much less create a bunch of them fast with history that dates back before the day you started. If most of them make a modest effort to verify users, most of them should remain unblocked. It's all pretty decentralized, so it's not that big as deal if a few of them do get discovered and blocked.
You also overestimate how committed Iran is to stopping this. Doing this in public risks the state finding out, but outside of times of crisis the state is usually pretty slow to respond. Keeping it private tanks participation rates.
So a down-low friends and family approach could reach a lot of people.
From the blog post, "A more discrete approach would be to only send the link via a DM or a non-public message."
> how about randomly giving out random proxies in some header that the app could query on cloudflare or google or akamai
That would "..increases the chance that Iranian censors will simply add those IPs to their block list"
It looks like the solution provided in the blog post is limited to helping folks run their own proxy for people they know.
My last in-depth reading on it was the excellent 2016 SoK paper “Towards grounding censorship circumvention in empiricism” (http://www.cs.umd.edu/class/fall2018/cmsc818O/papers/sok-cen...)
The high level takeaway then seemed to be that researchers were not focusing efforts on measures that can actually help more people resist censors. Have we made progress since then?
Tor, Jigsaw's Outline, and V2RayNG are worth keeping tabs on as they're FOSS projects and do much of their development in the open.
Lantern's development whilst it was still open source was fascinating to see as well. Since 2016 (I believe) they stopped doing so out of security concerns: https://twitter.com/adamfisk/status/1316569766832869377
I'd heavily advise instead to run as many xmpp servers* as possible, and let people/friends use them.
*not matrix, unless one configures it to forget the data and only act as a message broker, like XMPP. For this specific use, it's better.
edit2: You can drop me a mail here, too: email@example.com
Except, of course, that posting public keys is too 1990s for him https://moxie.org/2015/02/24/gpg-and-me.html (which contains some good arguments but offers no solutions, so whatcha gonna do, post a phone number and trust the signal servers to give you the right public key? That's better than self-published public keys? For an anarchist? Is it smart to post phone numbers publicly anyway, see e.g. SS7?) Perhaps just ignore this paragraph, I'm just a confused person seeing mixed signals.
Call me extremely pessimistic but events like Jan 6. will be used as justification to start attacking applications that offer end-to-end encryption, and encryption in general. Just like 9/11 was used to justify eroding certain civil liberties.
Thanks to olah_1 for this reference
> One employee pointed out that fascists are often quite public about their activities, as the recent insurrection in broad daylight at the Capitol showed
The Russian govt had tried to block Telegram, but Telegram servers just kept jumping over various CIDRs and users got the IP addresses for connecting over push updates. The only thing the govt succeeded in was blocking a wide range of subnets, including AWS ranges and GCP ranges, thus disrupting a whole lot of businesses and even some government services.
They gave up and lifted the ban eventually.
We really should not have let the majority of internet traffic be served by a small handful of giant companies without some legal protections as to what they're allowed to do.
But I would be 100% against any law that required them to allow domain fronting. It's fine if they want to, but requiring them to basically open up/leave open a hole in their systems is not right.
I'm really bothered by blanket policies that prevent beneficial uses of a tool because it can also be used to cause harm. Google and Amazon need to figure out how to disambiguate the two.
So it was not an act by Google and Amazon to actively harm Signal, but rather canceling ongoing support of Signal that could put their business to harm, which is something different.
In the grand scheme of things, I don't like how much infrastructure technology giants control.
In this specific case, however, domain fronting is basically saying "if you want to ban me, you have to ban all of us", without asking if the rest of "us" consent to be put on the same boat.
It would be cool if they are, but it's perfectly understandable for them to disagree.
Just set one up myself; it took 15 minutes, and that includes setting up a fresh VPS.
Just thinking what the best way to share it is.
The best idea I've had so far is using a CNAME response to a very common DNS query which would pass a basic filter, like I'd ask for "mail.mydomain.com" and it would respond with a CNAME pointing to the actual proxy. I have dead domains which I have configured with null records for MX and stuff (so spammers can't abuse them); I could hide the name of my proxies in the MX records as CNAMEs and nobody would be the wiser...
The trick is getting the word out on how to do it - like "hey everyone, just ask random domains for "mx.domain.com" and use the 30 level MX" or something which would pass as legit traffic. Maybe...
I’ve definitely got some old domains kicking about, I’ll see how far off they are from expiration and do something similar if they have at least a few months left in them.
The proxies themselves can also be hosted at normal sounding domains and subdomains like cdn.technology.memes or whatever.
And when you point other domains to them as CNAMEs use equally regular looking subdomains no algorithm would pick up as a proxy like webmail.abandoned.tld.
My conceptual idea is that how you get the person the name of the proxy to use has to hide as signal amongst the noise and not get trapped in DNS/domain blocking filters - and if it's keyword blocked by the Great Firewall, you just start asking other random domains for their MX records etc. I believe it's generally referred to as steganography: https://en.wikipedia.org/wiki/Steganography
Immediately recalling John Gilmore (GNU/EFF/etc.) in 1993:
"The Net interprets censorship as damage and routes around it."
Iran would not hesitate to block all AWS IP addresses as a solution (I don't know if that is how they block Telegram now). GCP resources would not load in Iran anyway because Google has a very strict (much more strict than AWS and Azure) interpretation of the sanctions, so they don't have to worry about them.
> Iran would not hesitate to block all AWS IP addresses as a solution
DNS will not resolve any .ir (.coms that are Iranian) domains here in the US, AFAICT.
simple$ ping president.ir/en
ping: cannot resolve president.ir/en: Unknown host
simple$ ping en.mop.ir
ping: cannot resolve en.mop.ir: Unknown host
simple$ ping tehrantimes.com
ping: cannot resolve tehrantimes.com: Unknown host
simple$ ping presstv.com
ping: cannot resolve presstv.com: Unknown host
dig www.president.ir @188.8.131.52
Dealing with hostility from government bodies is probably no fun.
> Except as otherwise authorized pursuant to this part, and notwithstanding any contract entered into or any license or permit granted prior to May 7, 1995, the exportation, reexportation, sale, or supply, directly or indirectly, from the United States, or by a United States person, wherever located, of any goods, technology, or services to Iran or the Government of Iran is prohibited, including the exportation, reexportation, sale, or supply of any goods, technology, or services to a person in a third country undertaken with knowledge or reason to know that:
> (a) Such goods, technology, or services are intended specifically for supply, transshipment, or reexportation, directly or indirectly, to Iran or the Government of Iran; or
> (b) Such goods, technology, or services are intended specifically for use in the production of, for commingling with, or for incorporation into goods, technology, or services to be directly or indirectly supplied, transshipped, or reexported exclusively or predominantly to Iran or the Government of Iran.
For US citizens, does helping folks in Iran in this way with a Signal proxy fall under these terms?
For instance, Virgil Griffith is being held and charged for giving a high level description of bitcoin transactions at an academic conference in North Korea.
This is incredibly more specific and more technical of an act.
edit: further.. how is Signal shielded (if at all) from providing services to anyone in Iran? Wouldn't they be a target in such a case? The blog post is an explicit call for assistance specifically to do so.
Edit: You might find GitHub's description of how they handle this interesting: https://github.blog/2021-01-05-advancing-developer-freedom-g...
RUN wget http://nginx.org/download/nginx-1.18.0.tar.gz
Installing via HTTP, with no verification of the installer, seems like a reallyyyyy bad idea.
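As an added illustration of the check the comment above is asking for (this is not code from the Signal repo), the following fetches the tarball only over HTTPS and refuses to keep it unless its SHA-256 matches a digest pinned in the build; the digest constant is a placeholder to be filled from the upstream checksum.

```python
import hashlib
import hmac
import urllib.request
from urllib.parse import urlparse

# Added example, not from the thread or the Signal repo: pin a SHA-256 for the
# artifact and download it over TLS only. NGINX_SHA256 is a placeholder, not
# the real checksum of nginx-1.18.0.tar.gz.
NGINX_URL = "https://nginx.org/download/nginx-1.18.0.tar.gz"
NGINX_SHA256 = "<pinned-sha256-of-nginx-1.18.0.tar.gz>"   # placeholder, fill from upstream

def allowed_source(url: str) -> bool:
    """Only HTTPS sources are acceptable; plain HTTP can be tampered with in transit."""
    return urlparse(url).scheme == "https"

def verify_digest(data: bytes, expected_sha256: str) -> bool:
    """Constant-time comparison of the artifact's SHA-256 against the pinned value."""
    actual = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(actual, expected_sha256.lower())

def fetch_pinned(url: str, expected_sha256: str, dest_path: str) -> str:
    """Download url over TLS, verify its digest, and only then write dest_path."""
    if not allowed_source(url):
        raise ValueError(f"refusing non-HTTPS download: {url}")
    # urlopen validates the server certificate against the system trust store by default
    with urllib.request.urlopen(url, timeout=60) as resp:
        data = resp.read()
    if not verify_digest(data, expected_sha256):
        raise RuntimeError(f"SHA-256 mismatch for {url}; not writing {dest_path}")
    with open(dest_path, "wb") as f:
        f.write(data)
    return dest_path

if __name__ == "__main__":
    fetch_pinned(NGINX_URL, NGINX_SHA256, "nginx-1.18.0.tar.gz")
```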
I still find the way they (partially) dealt with this a bit worrisome.