Russian Bill Requires Encryption Backdoors In All Messenger Apps

Patrick O'Neill quotes a report from The Daily Dot: A new bill in the Russian Duma, the country's lower legislative house, proposes to make cryptographic backdoors mandatory in all messaging apps in the country so the Federal Security Service -- the successor to the KGB -- can obtain special access to all communications within the country. [Apps like WhatsApp, Viber, and Telegram, all of which offer varying levels of encrypted security for messages, are specifically targeted in the "anti-terrorism" bill, according to the Russian-language media. Fines for the offending companies could reach 1 million rubles or about $15,000.] Russian Senator Elena Mizulina argued that the new bill ought to become law because, she said, teens are brainwashed in closed groups on the internet to murder police officers, a practice protected by encryption. Mizulina then went further. "Maybe we should revisit the idea of pre-filtering [messages]," she said. "We cannot look silently on this."

Oh, the irony!

Oh dear, this is ironic. Russia is a haven for online criminals, something they really ought to crack down on. Instead of pursuing actual criminals, they're looking to reduce the privacy of people who haven't done anything wrong. What a screwed up country!

Re: Oh, the irony!

My god you people are fucking stupid. Your hate of the US is so strong you refuse to acknowledge reality. Yes, the US engages in mass surveillance. So do the EU and Australia. Edward Snowden talked about the fourteen eyes, which includes much of the EU. In fact, EU countries that are left out of these surveillance pacts want in very much. There is one huge difference, though, between the fourteen eyes and Russia. The fourteen eyes aren't actively cracking down on human rights and political dissidents. I'm free to criticize Obama heavily without fear of government retribution. Canadian, Australian, and EU citizens enjoy the same freedoms with their respective governments. Russia, however, does not tolerate criticism of its government nearly as much. Speak out against Putin there and see what happens; it won't turn out well for you. Expressions of homosexuality are also heavily restricted and Russia has a horrible record of LGBT rights. So many people here are blinded by their hatred of the US that they're willing to praise a country with Russia's record for admitting their mass surveillance. This is part of why Slashdot is fucking unreadable these days. There is absolutely no way we should be praising Russia at all for this.

Re: Oh, the irony!

Expressions of homosexuality are also heavily restricted and Russia has a horrible record of LGBT rights.

Shurely not.

Putin wouldn't be posting all those homoerotic pictures of himself if that were the case.

Re: Oh, the irony!

One of the two countries advertises itself as the "land of the free". The fact that a de facto dictatorship under Putin is enacting the very laws our own country's agencies have been fighting for should bother you more than it does.

The sarcastic comments above illustrate discontent with the fact that our two governments are not as distant in their actions as some of us would be comfortable with.

Re: Oh, the irony!

[nehumanuscrede]

Pffff.

Our current hatred of the US stems from the fact that while countries like Russia and China are EXPECTED to pull shit like this, the US that I grew up in is not.
The US would like everyone to think that we're the good guys and they put an awful lot of effort into trying to promote that image to its citizens.

However, as time goes on, it seems the only differences between the US and the so called " bad guys " are the languages we speak. We might not be AS screwed up* as some other countries are, but we're trying to get there as fast as we possibly can.

*We're more screwed up in some aspects.

Re: Oh, the irony!

[Bill,+Shooter+of+Bul]

Wha..ttt THe...

How is that a point? LIving in a totaltarian state with real punishments for expressing disapproval of the government is better because, you know the consequences of your actions?!? As opposed to living in a country where limited secretive spying goes on, with out any measurable crack down on descent?

Its like admiring a serial killer for having the courage to act on his convictions, as opposed to a man that cheats on his wife but doesn't leave her.

Russian bill acknowledges backdoors in all ....

[haruchai]

messaging apps

Fixed that for you

Stop providing services

[Corwyn_123]

To any country that makes encryption either illegal, or treats it as eminent domain for the government to have access to it's citizen's communications.

This is the same crap the UK is proposing, and the same crap the US is trying to implement. It's time for the citizens, and thereby the private services providers, to stand up and say "No More!!!".

Re:Stop providing services

[Sique]

If you want security and liberty, at a minimum, you must stop importing people that want to destroy your culture.

Here is where your argument fails. Most people out to "destroy culture" (whatever that means) come from within. The foreign agent trying to destabilize a society is a cliché. Sure, they exist, but there are only a few of them. The main threat to a society are people being outcast for what reason ever (economically, culturally, for religious reasons) and try to get revenge for feeling outcast.

It's the same misconception with most crimes. The people most likely to kill you are yourself, your parents, your spouse and your children. And so the people most likely to commit terrorism are people who feel they belong to a former elite and are now locked out from their perceived rightful priviledges, and second generation immigrants who were frowned upon by the majority for being second generation immigrants.

Filthy dirty freedom hating commies

[frovingslosh]

Those filthy dirty freedom hating commies. Now they are stealing out government's ideas!

It's not only Russia

[penguinoid]

Free speech and privacy are viewed as terrorism here, too.

Because terrorists!

[jenningsthecat]

Or should I re-phrase that as "because bogeymen"? I mean, really, how many terrorists attacks, anywhere in the world, have been prevented as a result of the privacy we've already been forced to give up?

If terrorists didn't exist, governments would have to invent them, to justify their megalomaniacal policies. Oddly enough, Russia is (uncharacteristically) late to the party on this one - it seems that they're simply following the lead of the Free World. That alone should be a cause for serious concern among those ostensibly 'free' countries.

Re:I never understood privacy

[hawguy]

I never understood why people think networks like the Internet are supposed to be private. They weren't designed to be originally. In fact, the first networks were broadcast: every node "talked" to every other node. Networks are supposed to facilitate communications. They aren't designed to hide communications. In fact in a peer to peer network like the internet, every node is supposed to be able to talk to other nodes. I know a bunch of people are going to get angry at this but the fact is if you want secrecy, don't use a communication network like the Internet. I know it is hard to believe, but it is possible! I'll wait for all the blah, blah, blah, I hate you Aspie responses, but if you look at the history of networks in general, security was an afterthought that was tacked on top (poorly).

Few people think the internet is private, that's why they use encryption.

If someone wants your secrets badly enough that they'll backdoor your phone without you knowing it (and they have the resources to do so), then no communication is safe, not even a person-to-person conversation.

Opposing country's bills

[MobyDisk]

Russian bill: All messaging apps must have a backdoor that only Russia can access.
US bill: All messaging apps must have a backdoor that only the US can access.
EU bill: All messaging apps must have a backdoor that only the EU can access.

Yeah, that'll work just great.

Re:I never understood privacy (eyeroll)

Rather than mod you down -1 Troll, which you probably deserve with a subject of "I never understood privacy", I'm going to "fall for it" and actually address your convoluted point of view as if you were serious, Mr. doesn't-understand-privacy-but-still-named-"110010001000".

I never understood why people think networks like the Internet are supposed to be private

When you say "supposed to"-- to what authority are you appealing? Certainly there are many many mechanisms built on the internet that are "supposed to" enforce private communications, so on the face of it your statement is wrong. I dont' understand what is so hard about the goals of TLS, SSL, SSH, PGP, etc. that you don't understand them.

They weren't designed to be originally.

The underlying TCP/IP may not have had privacy as a premiere concern, but certainly numerous technologies built on top of TCP/IP have and do. The underlying protocols do what they were designed to do for the most part. Saying they weren't "originally" designed to enforce privacy is like saying that you don't understand why the web is supposed to work because TCP/IP isn't originally designed to serve web pages.

In fact, the first networks were broadcast: every node "talked" to every other node. I don't know if this is even true, but if it is, so what? The first TVs were in black and white, does this mean that you don't understand why people think TV is supposed to be in color?

if you want secrecy, don't use a communication network like the Internet. What? Why not? Because some networks at one point broadcasted everything to everyone on the network? How does that even preclude a single recipient from uniquely decoding the message?

What mechanism would you recommend one use for communicating privately, exactly? Because I'm very willing to argue that the underlying communication platform of whatever-you-come-up-with was never "supposed to be private" by your own ehm, let's-say-logic.

if you look at the history of networks in general, security was an afterthought that was tacked on top (poorly)

Since you hate privacy so much, could you please post as a response your real name, social security number (if American), address, bank account numbers, balances, and PINs, and credit card info? I'm sure people would be happy to send you a lot of reasons to value secrecy-over-networks.

Y'know what-- I do hate you, Aspie.

Can we mod this trollish crap down?

Re:Let them go nuts

[mlts]

With basic technology available in firewalling appliances, it isn't too tough to make a rule, "if it appears to be encrypted, drop the packets, send alert, and yank offending host from the network". Just block traffic going through a HTTP/HTTPs port without a user agent, MITM the rest. This works on the LAN. It wouldn't be too hard for a repressive government to do this on a WAN basis.

It is ok.

[ageoffri]

Russia only has theoretical encryption, so the Russian government is only planning for the future. This has no impact on current technology.

In Soviet Russia ...

[Thor+Ablestar]

Messengers encrypt YOU!

Being a Russian I just don't beeping care. And maybe I'm even glad that this bill is proposed, because it means that all the official messengers (I mean: companies that provide messenger services using closed source software) will be compromised and the only messengers that are trustworthy will be the open source decentralized ones having no central authority that can be fined.

In such conditions the maximum fine would be 5000 Roubles (less than US$100) which means that the expense of collecting the evidence would not pay up. It's just impossible to interrogate everybody whose traffic comes to some nonstandard port, and it's impossible to prove that it's a messenger and not anything else.

Also I hope that any software that used the outdated HTTP(S) and HTML protocols which have so many builtin security holes will be compromised at last and the only programs that survive would have no such thing as web page phenomenon and correspondingly site phenomenon. For instance, Freenet now supports something like a webpage. But it edits out anything that could be dangerous. RetroShare just has no web page. It displays web links but you should copy them to the browser with full understanding for your actions.

Please understand: This bill is neither Putin's nor the FSB/KGB initiative. The FSB works stealthly. It's the initiative of parlamentaries who propose the laws that just cannot be observed.

Dear Russia

[Hognoxious]

Fuck off, fuck off, fuck off.

Signed,
    Wales.

Backdoors in messengers.

[Max_W]

What I heard from E.Snowden makes me believe that all messengers have got a backdoor as a part of some project with a name something like Flying Eagle.

If it was possible to monitor communications of Bundeskanzler and Président, then run-of-the-mill messengers and smartphones should not be a challenge.

The question is not about backdoors, but who would hold keys.