Slashdot Mirror

← Back to Stories (view on slashdot.org)

Iran Forces Messaging Apps To Move Data To Iranian Servers (techcrunch.com)

Posted by BeauHD on from the cat-and-mouse dept.

An anonymous reader writes: According a report from Reuters, the Iranian government wants to be able to track private and semi-private conversations on messaging apps, and has given companies behind popular messaging apps one year to move their data onto servers in Iran. As it stands, many social networks are already blocked in Iran, and now the government wants to control even more online communication platforms. Apps like WhatsApp and Telegram, which have become incredibly popular in Iran, allow users to communicate with no government control. With Telegram, users can contact hundreds of people by creating groups. Now, even though WhatsApp for example is required to move their data to Iranian servers, it's unlikely the government will be able to intercept messages from the app since it features end-to-end encryption. WhatsApp can't even read the content of communications -- only WhatsApp users can decrypt the messages in their conversations. Apple's iMessage also features an encrypted messaging protocol, and Telegram does too, but users need to start "secret conversations" with end-to-end encryption.

40 comments

  1. Shut them down. by funwithBSD · · Score: 1

    And at a push of a button, the government can shut it all down.

    --
    Never answer an anonymous letter. - Yogi Berra
    1. Re:Shut them down. by K.+S.+Kyosuke · · Score: 2

      I wonder how they would attempt to shut down peer-to-peer messaging apps, or at least semi-decentralized services like Jabber.

      --
      Ezekiel 23:20
    2. Re:Shut them down. by BradMajors · · Score: 2

      The United States has shut down all financial transactions with Iran, but has not yet shut down message apps.

      You do have a valid point that the United States at "the push of a button" could shut down all Iranian use of message applications.

    3. Re:Shut them down. by funwithBSD · · Score: 2

      IF they are truly peer to peer, then they can't shut them down as easily.

      But if they are truly p2p, then why are there servers to move at all?

      --
      Never answer an anonymous letter. - Yogi Berra
    4. Re:Shut them down. by funwithBSD · · Score: 1

      I was thinking more of the Iranian government doing it, since this "law" would require the servers to exist inside the Iranian government's facilities.

      --
      Never answer an anonymous letter. - Yogi Berra
  2. "it's unlikely the government will be able to" by Anonymous Coward · · Score: 1

    LOL. This is Iran. If they can't get the data unencrypted, there will be no WhatsApp allowed in Iran.

    1. Re: "it's unlikely the government will be able to" by Anonymous Coward · · Score: 0

      Then someone will release an open source clone

    2. Re: "it's unlikely the government will be able to" by johanw · · Score: 1

      There is no need for because that already exists: Signal provides security and is open source. And if that gets blocked, the fork Silence (former SMSSecure) provides the same encryption with SMS. Try to shut that down (and see a lot of industrial alarm systems failing).

  3. What if US companies refuse? by Anonymous Coward · · Score: 2, Insightful

    When US companies refuse to follow EU directives and laws, people here complain that the US is forcing their laws and practices on the EU. If US companies refuse to comply with Iran's demand for surveillance and censorship, will you likewise claim that the US is forcing their laws and practices on Iran?

    1. Re:What if US companies refuse? by Anonymous Coward · · Score: 1

      Sorry for that last post, I'm an idiot. Of course the US and US companies are not the same thing. Boy I'm really dumb sometimes.

    2. Re: What if US companies refuse? by Anonymous Coward · · Score: 0

      Um, nice try, but I'm the OP and didn't write that reply. When Google didn't pay French taxes, users claimed is was a case of the US forcing their ways on Europe. It pissed me off. I'd like to know if those same bullshit claims will be made here.

    3. Re: What if US companies refuse? by Anonymous Coward · · Score: 0

      Excuse me, I'M the OP. I didn't write any of these replies, what the FUCK. Stop pretending to be me you bastard!

    4. Re: What if US companies refuse? by Anonymous Coward · · Score: 0

      Um, please, I'm the OP and I want you to stop! I want to talk about US companies and Iran, why are you doing this??

    5. Re: What if US companies refuse? by Anonymous Coward · · Score: 0

      Haha this is great! But seriously though I'm the OP, let's get this chat back on track please.

    6. Re: What if US companies refuse? by Anonymous Coward · · Score: 0

      Wow. I come back to check on my post and there's like 5 people pretending to be me.

    7. Re: What if US companies refuse? by Anonymous Coward · · Score: 0

      Jesus fuck, I am the OP and this reply thread is insane.

    8. Re: What if US companies refuse? by Anonymous Coward · · Score: 1

      I'm the real OP and I can't stop suck cocks.

    9. Re:What if US companies refuse? by epyT-R · · Score: 2

      Simple, a treaty will be established that will force EU laws on americans and american laws on EU citizens. individual liberty is trampled for autocrats and corporates.

    10. Re: What if US companies refuse? by Anonymous Coward · · Score: 0

      You know, this marxist shaming has gotten so blatant, I really wonder how many people see it now..

    11. Re:What if US companies refuse? by johanw · · Score: 1

      Because in Europe, the US government is not seen as an ally but an opponent the people need to protect from (by the population, not by "leaders" who hope to make a next career step in international politics). In Iran, the people need to protect more from their own government than from the US government so they look different at the matter.

    12. Re:What if US companies refuse? by johanw · · Score: 1

      A lot of popular messengers like Viber (already blocked in Iran) and Telegram are not from US companies anyway.

    13. Re: What if US companies refuse? by johanw · · Score: 1

      That's better than The Netherlands where angry niggers are trying to shut up free speech by people who don't carry their agenda.

    14. Re: What if US companies refuse? by Anonymous Coward · · Score: 0

      We should really get us checked out

      gettin crowded in here!

  4. Iran Forces Messaging Apps To Move Data To Iranian by Anonymous Coward · · Score: 0

    Um, what does this mean?? This headline doesn't make me want to read the article. This is really like something from Arstechnica written by an embearded hipster (ie. the wrighter has a very bushy beard, and ****thick****, black glasses). It makes perfect sense to this person.
     

  5. Instead of moving to Iranian servers by fustakrakich · · Score: 2

    The *companies behind popular messaging apps* should respond with free VPN and proxy services built into the app. But they need to extract all their personnel from the country first.

    --
    “He’s not deformed, he’s just drunk!”
  6. E2E Encryption is not a panacea by Anonymous Coward · · Score: 0

    Key exchange is still a weakness of public key systems used in E2E encrypted messaging services. The messaging servers act as public key "phone books" necessary to find the message recipient's key. We inherently trust the messaging service not to substitute government MITM keys that later forward the message to the intended recipient.

    How much can we trust those "phone books" when the government has physical access to those machines?

    1. Re:E2E Encryption is not a panacea by aaarrrgggh · · Score: 1

      Very true... but is there anything on the horizon to deal with the weaknesses of key trust?

    2. Re:E2E Encryption is not a panacea by johanw · · Score: 1

      No I don't. I don't need to trust the Signal servers not doing that, I can check the source to see if they do. And I _do_ check the source (and make some minor changes in it like adding encrypted backup) before I compile my own version.

  7. Good luck with that Iran by ITRambo · · Score: 3, Insightful

    The Iranian government will learn that only mindless conversations will be easy to intercept unencrypted. Maybe, even those will be encrypted by uses just to drive Big Brother a bit nuts. If the government shuts Internet messaging down, peer to peer networks will pop up. They can't stop technology completely.

  8. ..unable to read content. by Anonymous Coward · · Score: 0

    Ya right. I will believe that when I can throw one of our dairy cows across the Mississippi River
    .
    There's a way in. They know what it is. It's very probable they have your keys and of course, they will have your password for the service too. So ya, they can get into your data, and if you're in Iran, you have to know damn well the government is going to be all over every single bit that goes into or out of those servers. Same is more than likely true in some :cough:u: other :cough:s: countries :cough:a:

  9. Encryption Vs. Wiretap by The+New+Guy+2.0 · · Score: 1

    This is an ages old debate between encryption and wiretaps... individuals want security, governments want the info.

  10. wants by Anonymous Coward · · Score: 0

    Iran wants....it's good to want.

  11. Re: "it's unlikely the government will be able to by Anonymous Coward · · Score: 0

    Then Iran will shut that down too, and if they're Iranian, they'll be killed.

  12. Re:Not new by Archfeld · · Score: 1

    No one is complaining ?? I think you've missed a few articles, and news stories. Lots of people and services are complaining, but as per normal, none of the Powers That Be (PTB) give a shit or are listening.

    --
    errr....umm...*whooosh* *whoosh* Is this thing on ?
  13. is it? by Tom · · Score: 4, Interesting

    The official reason is different than the summary states:

    "Foreign messaging companies active in the country are required to transfer all data and activity linked to Iranian citizens into the country in order to ensure their continued activity,"

    And honestly, that's a good lie if it even is one. Iran is not on the good side of the USA and knows that if their citizens and businesses rely on US services, those can be shut down at any time. Moving them into the country is, frankly speaking, something that I would have recommended to them as a consultant. If you cannot rely on your third party providers, move the services in-house. It's pretty basic.

    That said, of course it also makes surveilance easier. But again, the question for Iran may not have been "do we want surveilance of our citizens?" but more akin to "do we want the NSA or our own secret service monitors our citizens?" to which the answer is obvious.

    You see, if the infrastructure is within Iran, they gain the ability to block out NSA surveilance, even that built in to the Apps through backdoors, by shutting down the outgoing Internet connections. If things get ugly again, you would want to at least have that option.

    It sickens me that this is painted as a "state government vs. freedom" issue when it is almost certainly more a question of two tyranical police states fighting for control.

    --
    Assorted stuff I do sometimes: Lemuria.org
  14. Help me out here but... by Anonymous Coward · · Score: 1

    Why, with our being about 40 years past Compuserve and Genie, are we still dependent on "servers" to allow our little hand held supercomputers to communicate? Just asking...

  15. Reply by Impy+the+Impiuos+Imp · · Score: 1

    Just include this warning: "Warning! The government requires we give them your info to scan at their leisure to aid in their remining in power over you."

    Unless the INSL (Iranian National Security Letter) includes the term it must be kept secret. Sucks to ne them.

    Haha, they have no First, Fourth, and Fifth Amendment to prevent all this!

    --
    (-1: Post disagrees with my already-settled worldview) is not a valid mod option.