Slashdot Mirror

← Back to Stories (view on slashdot.org)

Egypt Has Blocked Encrypted Messaging App Signal (engadget.com)

Posted by msmash on from the blocking-encryption dept.

An anonymous reader writes: Egypt has blocked its residents from accessing encrypted messaging app Signal, according to the application's developer. Mada Masr, an Egypt-based media organization, reported yesterday that several users took to Twitter over the weekend to report that they could no longer send or receive messages while on Egyptian IP addresses. Open Whisper Systems, the team behind the app, told a user asking about a situation that everything was working just as intended on their end. Now that the company has confirmed that the country is blocking access to Edward Snowden's preferred messaging app, it has begun working on a way to circumvent the ban. They intend to deploy their solution over the next few weeks.

24 of 44 comments (clear)

  1. Huh by wanderung · · Score: 4, Funny

    Apparently you can stop the signal.

    1. Re:Huh by wanderung · · Score: 1

      only if its cloud generated. use on prem encryption solutions.

      That woosh you heard was the joke clearing your head by a good 20,000 ft.

  2. But... by 110010001000 · · Score: 1

    But I was told by Slashdotters that government people didn't understand the Internet and therefore such attempts would be useless. What is next, saying that DRM actually has an effect on casual piracy?

    1. Re:But... by bigpat · · Score: 1

      But I was told by Slashdotters that government people didn't understand the Internet and therefore such attempts would be useless. What is next, saying that DRM actually has an effect on casual piracy?

      That was true... until governments hired us all. Now we are the Man.

    2. Re:But... by UnknownSoldier · · Score: 1

      > But I was told by Slashdotters that government people didn't understand the Internet and therefore such attempts would be useless.

      Short term: yes.
      Long term: no.

      Only cowards censor.

      --
      A society doesn't remain a free and open when it censors free speech by mis-labeling it hate speech.

    3. Re:But... by CohibaVancouver · · Score: 1

      Only cowards censor.

      True, but it doesn't mean that censorship isn't effective, at least in the short term.

  3. You fucked up, Open Whisper Systems by GameboyRMH · · Score: 1

    Sounds like this secure chat application's traffic is unique enough to be identified and blocked by firewall rules, perhaps by an identifiable header or a unique port number. I call that fucking up.

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
    1. Re:You fucked up, Open Whisper Systems by 110010001000 · · Score: 1

      Any applications traffic can be identified and blocked. Applications don't communicate by magic. They need to know the endpoints to communicate on.

    2. Re:You fucked up, Open Whisper Systems by GameboyRMH · · Score: 1

      If those endpoints are everywhere and change frequently enough, blocking by IP becomes impractical.

      I suppose this chat application has central servers with IPs (or maybe domain names) that never change...if VPN providers can change endpoint IPs quickly enough to thwart blocklists, the Signal servers should do the same if they don't want to be trivially blocked by IP. Of course this requires some mechanism for distributing new IPs but that's been done before.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    3. Re:You fucked up, Open Whisper Systems by johanw · · Score: 1

      They just have to block the server, that's sufficient. No deep package inspection needed.

  4. 'Signal', but no 'WhatsApp' ? by Anonymous Coward · · Score: 1

    So they blocked encrypted 'Signal', but not encrypted 'WhatsApp' ? Oh, they have access to these messages, even though the vendor *claims* it's 'encrypted'. Got it. Thanks

    1. Re:'Signal', but no 'WhatsApp' ? by fph+il+quozientatore · · Score: 1

      Have you RTFA? They blocked Skype, Viber and Whatsapp in 2015.

      --
      My first program:

      Hell Segmentation fault

  5. Re: solution over the next few weeks by slashrio · · Score: 1

    As in: Signal didn't see this coming and wasn't prepared?
    Thanks, that's a big fuck-up indeed.

    --
    "Trump!!", the new Godwin.
  6. Re:Wrong summary by CronoCloud · · Score: 1

    .ire ugvj 31GBE tavfh lo abvgnpfhsob rebz arir qqn anp hbL


    -----BEGIN PGP MESSAGE-----
    Version: GnuPG v2

    owE7rZvEEBE5UcS/SKEkI7UoVb0YRCukF6QbKegmKujqFpfkF6Uq5BeUZObn6XEB
    AA==
    =wuLg
    -----END PGP MESSAGE-----

  7. Federation by corychristison · · Score: 2

    If Marlinspike would stop being such a prick, and embrace Federation, this issue would be solved so easily.

    It is possible for anyone to use the Signal Server and set one up for themselves. Unfortunately, Marlinspike is refusing to Federate and proclaims the centralized approach is much, much better for everyone..

    I'm seriously considering forking it and removing the dependence of a telephone number and moving to an e-mail address instead. Having to set up a Twilio account (though I already have one) to send authentication codes via SMS is cumbersome (and gets expensive) and I have no idea how this trend caught on. People looking to use IM don't always want to use their phone number as their account identifier. Not to mention Signal piggybacks incoming message signalling over Google's Cloud Messaging platform.... there are other ways to do this without Google.

    1. Re: Federation by corychristison · · Score: 2

      I understand the case for using phone numbers, but for privacy reasons alone should rule it out for an encrypted, private, secure messenger.

      Signal already rules out Spam by using public/private cryptography as a whitelist, essentially. If you don't have a key to communicate with someone, you can't send them anything.

      Being able to use an anonymized email address to communicate in a war torn area is a good thing.

      Going the email address route would also make it really easy to integrate with other communication services (eg authenticate against an LDAP or IMAP server for a quick, company wide deployment).

      E-mail addresses for authentication, plus federation would make it a better alternative to Jabber/XMPP, which does not natively support secure communications. OMEMO is great, but isn't widely supported by servers and clients.

    2. Re:Federation by corychristison · · Score: 1

      My issue isn't privacy, it's that it's being tied to a centralized, paid service like that. As the majority of my post mentioned, their centralization, closed minded approach is stifling their growth and, in my opinion, credibility.

      It's another hurdle that makes it more difficult for people so set up their own private, federated IM network.

      To be honest, it seems like the developers are just being lazy. I understand that in a pinch that GCM is a useful, reliable way to get an app to market... but this isn't your every day messenger. They proclaim that it's an open source project, but neglect to tell you it's tied to non-open services that are no longer in your control.

    3. Re:Federation by grcumb · · Score: 1

      If Marlinspike would stop being such a prick, and embrace Federation, this issue would be solved so easily.

      Here's a good discussion of his rationale for not federating. I'm not particularly sold on his stance, though I agree that the experience of trying to design by committee is generally only for the masochistic.

      But while I was reading his excuses—er, argument—I realised that his entire point boiled down to 'It's hard!' That perfectly fine, as far as it goes. And because I'm not willing to say, 'Fuck you Moxie, I'm going to show you how it's done!' I don't really have a lot of weight to put against that.

      But I'm actually a little disappointed to hear this from a developer/designer whom I genuinely admire. There were a couple of times as I read through his objections to federation where I found myself muttering, 'How did you not anticipate that?'

      And he may bitch about the fact that IPv6 may be impossibly difficult to roll out universally, but he's drastically undersold what has been achieved on top of a federated system as archaic as IPv4. See, his problem is that he wants homogeneity to reach too high up into the user experience. And in doing so, he's taking away from user choice, as well as leaving the entire system open to physical take-down by governments. That last part kind of matters to journalists like me.

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
    4. Re:Federation by grcumb · · Score: 2

      Here's a good discussion of his rationale for not federating.

      Actually not. The fucking link tag didn't get closed. Here: https://lwn.net/Articles/687294/

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
  8. All because of Sissi by OneHundredAndTen · · Score: 1

    She should have remained an Austrian empress, rather than becoming Egypt's latest strongman.

  9. Problem solved already with Signal 3.25.2 release by johanw · · Score: 5, Informative

    Apparently Egypt (and the UAE) were just blocking the server. Moxie just released 3.25.2 in the beta channel to circumvent this. These changes in build.gradle show it's quite easy to circumvent such a block:

                      buildConfigField "String", "TEXTSECURE_URL", "\"https://textsecure-service.whispersystems.org\""
    + buildConfigField "String[]", "CENSORED_COUNTRIES", "{\"+20\", \"+971\"}"
    + buildConfigField "String", "UNCENSORED_FRONTING_HOST", "\"https://www.google.com\""
    + buildConfigField "String", "CENSORED_REFLECTOR", "\"signal-reflector-meek.appspot.com\""

    In case those countries banned Signal from Google Play I just uploaded 3.25.2 to apkmirror.com (I don't know when they'll publish it though).

    If all else fails, you can still use the fork Silence, which uses tghesms/mms encryption that Signal dropped in 2.7.0. Blocking sms will fuck off all kinds of industrial controllers so that's not really an option.

  10. a way to circumvent the ban by fustakrakich · · Score: 1

    Making internet censorship unenforceable and messaging untraceable is music to my ears. A worthy goal if there ever was one.

    --
    “He’s not deformed, he’s just drunk!”
  11. So you can stop the signal. by sethstorm · · Score: 1

    So much for Firefly fans.

    --
    Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
  12. Re: Question: by corychristison · · Score: 1

    My experience with XMPP/Jabber has been this:
    - bloated, complicated protocol (descriptive XML for all communication, really?)
    - only 1 real contender for end to end Crypto (OMEMO), but it requires support at the server and client layer
    - server software is way overly complicated to set up and configure
    - security (cryptography) is not a core goal of XMPP/Jabber. It's all bolted on, and complicates the protocol and server setup even further

    This is just my experience. The mobile clients all suck, too. Conversations is the best I have found for Android.