[liberationtech] Signal ignores proxy censorship vulnerability, bans researchers

Adam Fisk afisk at getlantern.org
Thu Feb 25 05:40:51 CET 2021 

On Wed, Feb 24, 2021 at 8:19 PM Harry Halpin <hhalpin at ibiblio.org> wrote:

> Again, if Sergey - who seems to be a perfectly nice Ph.D. student - wants
> to fix TLS, that's fine. I would support fixes to TLS as would any sensible
> person, including Moxie.
>

So just so we're on the same page, Sergey is a perfectly nice Ph.D. student
whose code was deployed on more phones globally than Moxie's up until a few
months ago. It's deployed almost exclusively in censored regions, in
contrast to Signal which is deployed almost exclusively in uncensored
regions.

Making TLS more censorship resistant at the IETF level is great. I'm not
sure what vulnerabilities you specifically have in mind, but to me the most
promising is Encrypted Client Hellos (
https://tools.ietf.org/html/draft-ietf-tls-esni-09) that especially Nick
Sullivan at Cloudflare has been pushing with great success.

While I agree we should vigorously pursue approaches like that, it won't
help people in the most censored regions today. Sergey's code is actually a
core piece of bypassing real world censorship now.


> But that's not Signal's problem - TLS bugs are a lower-level network level
> protocol whose bugs Signal inherits when it tries to use TLS. Sergey should
> approach the TLS 1.3 Working Group at the IETF, no try to garner attention
> for himself via media releases over his github comments. This reminds me of
> the Israeli "security" firm that claimed they had "hacked" Signal by simply
> accessing the keys in the phone, which can be done to *any* app on phone
> that has a rootkit that doesn't use some-yet-not-really-working secure
> enclave.
>

Right. Signal's problem is that they were blocked in Iran. Their solution
to that problem attempts to use TLS in a way that doesn't work. You're
basically thinking of TLS in the way that Signal is thinking of TLS, which
is limited and the heart of the problem.

Sergey hardly tried to garner attention for himself -- heck his last name
was never even mentioned anywhere I saw. I happened to realize it must be
him just based on his first name and the nature of the analysis.


>
> There are literally *no* server that is not susceptible to active probes
> and machine-learning based traffic analysis attacks. If Sergey had a kind
> of solution that actually did what Adam claimed it did "anti-censorship
> tools that actually work at scale in censored regions are not susceptible
> to active probes" then all of China would be using it. As it doesn't exist,
> people aren't using them.
>

I never mentioned anything about machine-learning based traffic analysis,
which is a different problem, but the most disturbing reality is that there
are "anti-censorship tools that actually work at scale in censored regions
are not susceptible to active probes", but it turns out that a very small
minority of Chinese actually have much interest in the censored internet.
Could the tools that work in China capture more of them? Sure, but there
are all sorts of other issues in China too, such as distribution. It's also
very dangerous for people in China to work on those tools.

One that's been growing recently is v2ray. There's a reason it has over 30K
stars on GitHub: https://github.com/v2ray/v2ray-core


>
> Censorship is a very hard problem, which is why Shava is basically right.
> Cutting-edge usable tech here is still I believe obfs4proxy, and it's
> well-known defeatable by nation-state level adversaries.
>

This is actually the fundamental issue -- there is a huge asymmetry of
information between the more conventional security community and the people
who work on bypassing censorship, largely because the techniques that work
are largely kept secret. The "cutting-edge" usable tech at one time was
obfs4proxy, but it's been probably 7 years or so since that was the case.
The people who know what the cutting edge usable tech is are those who
deploy it at scale, but you're not likely to read about it anywhere.


> I do support the usage of Tor, and Tor also is susceptible to the precise
> same kinds of attacks Signal is and thus doesn't work in China, Iran, and
> many other places. Furthermore, it's not resistant to NSA-style traffic
> analysis. But it is by better than most shady VPNs and proxies, and I hope
> people use it where their nation-state hasn't starting censoring it yet.
> Same with Signal. Most VPNs that work in these countries work insofar as
> they are easily susceptible to attacks (i.e. see Moxie's older work on bugs
> in PPTP or the myriad of authentication issues facing OpenVPN,
> fingerprinting of Wireguard...). Again, more work is needed but aim work in
> productive way, not cheap media hit pieces on Signal or Tor.
>

Yeah so that's where the asymmetry of information kicks in. The VPNs that
work in the most censoring countries that are easily susceptible to attacks
stopped working long ago. China in particular has stepped up its game in
crazy ways in the last couple of years.

Tor is incredible, and I support Tor's work all day long, but as you say it
is not used widely in the most censoring countries. Other tools are.

-Adam

-- 
--
President
Brave New Software Project, Inc.
https://lantern.io <https://www.getlantern.org>
A998 2B6E EF1C 373E 723F A813 045D A255 901A FD89
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ghserv.net/pipermail/lt/attachments/20210224/41f3b133/attachment.htm>

More information about the LT mailing list