The Iranian government recently blocked Signal due to censorship issues, which is a known messaging platform that pioneered end-to-end encryption.
(Photo: Youtube video screenshot of Tech Crunch)
Original reporter helical gear, The messaging application has recommended TLS proxy for its Iranian users to bypass censorship and privacy restrictions. However, many researchers have intervened in this process and managed to find vulnerabilities in their work that may allow government officials to access the Signal TLS proxy, thereby removing the protection.
Researchers who discovered vulnerabilities through Signal’s Github repository recorded their reports.On the other hand, messaging apps banned by the Iranian government are seen as a potential tool to suppress users in the regime
How should signal TLS proxy bypass government censorship
They are already Blog The title on the official website is “Helping users in Iran reconnect to Signal”. The solution details another way to bypass Iran’s censorship system.
Proxies accessible through GitHub repositories can help users get rid of government attention. Users will execute some commands, manage proxies, and participate in #IRanASignalProxy tweets.
Researchers found vulnerabilities and released them publicly
according to Beep computer, Two researchers named DuckSoft with Student foundation Several vulnerabilities have been reported that could allow government agencies to track Signal agents. It can now be easily checked by reverse engineering user traffic or simply blocking all detected proxies.
The flaw can be seen in the structure of the SS/TLS tunnel, which discloses the IP address and the plain text information in the SNI field. The researcher told us in an interview with Bleeping Computer, “You only need the domain name of the server to connect to the signal proxy.”
They added: “From the inspector’s point of view, when the traffic of the proxy server passes through, the visible information is the IP and the plaintext server name indication (SNI) in TLS ClientHello, which correspond exactly to the server’s domain name.”
In addition, the researchers have published evidence of their hypothesis and proposed a patch that Signal can use to fix the defect.
“If it is a signaling agent, the agent will be blocked immediately, and because the authorities have the ability to track everyone’s network logs, some bad things may happen to people who repressively access the agent.” added.
Researchers were asked why they made it public instead of using the usual public methods. According to them, there are two reasons why they went public.
“It is well known that the efficiency of signal processing email is very low, such as Frolov. Secondly, TLS proxies are new. We think they can be stopped before widespread deployment. It took us about 1 hour to complete the report and PoC, and after about Only a few hours after the signal is submitted,” they said.
They added: “Iranians can’t wait for a few months. It would be the best plan to immediately abandon this easily detectable TLS proxy.”
Researcher is banned from GitHub repository
Signal’s founder Moxie Marlinspike said that due to the large number of reports received every day, reports such as researchers’ concerns have not received attention. Therefore, they must be handled accordingly.
When BleepingComputer asked why the researchers’ concerns were not answered, Marlinspike told BleepingComputer that Signal had received a large number of such reports, so the issues must be prioritized.
However, shortly after the researchers dispelled their doubts, they were deleted from the repository. The archived issue page has also been removed from GitHub and now displays as a 404 error message.
According to Signal, due to rude comments and inappropriate statements made by the researchers, they were deleted and these comments were transferred to volunteers. Signal hinted that this violated the company’s code of conduct.
The researchers responded to this question, stating that “they claim to help people with censorship, but in turn they censor the whistleblower.”
For others, Signal’s move to remove public positions is just a precautionary measure while also taking steps to investigate better solutions. Moreover, they don’t want to raise opponents while trying to solve the problem.
This article is owned by Techtimes
Written by Nikki D
Ⓒ2018 TECHTIMES.com reserves all rights. Do not copy without permission.