The creators of Signal, a popular encrypted messaging app, say that Egypt is blocking access to the app. Will using a VPN help you download this wonderful app?
Signal is an app that uses end-to-end encryption to secure users’ chats. In the wake of the recent presidential election in the United States, Signal and apps like it have become increasingly popular.
Egypt media organization Mada Masr reported that several people used Twitter over the weekend to say they couldn’t use Signal. These people used Egyptian IP addresses, so it seemed like a local problem. Open Whisper Systems told one person that everything was working on the back end.
The company then confirmed that Egypt was banning access to the app. Until then, the company says that people can use Tor or a VPN to access Signal. The company contacted several other parties, like the Open Observatory of Network Interference (OONI).
OONI, a part of the Tor Project, is a global observation network to detect censorship, suggests that Egypt could be using a TCP reset injection. This changes a data packet TCP header, and the packet’s endpoints take this as a sign that they should immediately drop the packets.
Egypt and Technology
This isn’t the first time Egypt has done something like this. In 2011, authorities shut down the country’s internet, SMS and Blackberry messaging. Next, in 2015 it blocked access to VOIP services—including Skype, Viber and WhatsApp.
Finally, in the 2011 blackout, now known as Arab Spring, Egypt shut down these internet services in an attempt to quell unrest. Twitter, YouTube, Hotmail, Google, Baidu and a certain proxy service were all blocked from inside the country.
In return, hacking group Anonymous targeted Egyptian government websites, with many sites compromised or taken offline.
The 2015 shutdown was also in response to political dissent. Telecoms like Vodafone, Mobinil and Etisalat, as well as the National Telecom Regulatory Authority (NTRA) each blamed the other when asked who was responsible.
Mada Masr mentions some alternatives to using Signal:
- Ring: A messaging and voice calling app that uses OpenDHT [PDF], as well as a decentralized network and encryption.
- Kontalk: A messaging platform using open-source encryption and relies on a network of servers run by volunteers.
- WhatsApp: Open Whisper Systems worked with WhatsApp to implement their encryption protocol. The only problem is that WhatsApp is a little too close to Facebook for comfort.
- Telegram: This app is an alternative, but the developers haven’t published their source code, and it might have weird ties to the Iranian government.
A better option might be using a VPN. With this technology, Egyptian users can spoof their IP address and make it seem like they’re in a different country. This should be enough to download Signal. Also, iPhone users with Signal can use the desktop version.
In a blog post published today, Open Whisper Systems say they have implemented a censorship bypass method with Signal for Android. It uses a technique called domain fronting.
It mentions that cloud services and CDNs like Amazon Cloudfront, Amazon S3, Azure, etc., can be used to access Signal and make user traffic indistinguishable from uncensored traffic.
“The idea is that to block the target traffic, the censor would also have to block those entire services. With enough large scale services acting as domain fronts, disabling Signal starts to look like disabling the internet.”
Hopefully this works, because Egypt has no problem blocking the internet, as we explained above. Today’s Signal release for Android, domain fronting is enabled for Signal users with an Egypt or United Arab Emirates country code.
A Signal update for iOS using this method is currently in beta, and the company should be able to release it soon. Email firstname.lastname@example.org if you want to sign up for the Signal iOS beta channel.