Post AXLUZ27IGVM1VkVqWe by joosteto@mamot.fr
(DIR) Post #AXJm3OWQpvhKanPk8G by kravietz@agora.echelon.pl
2023-07-03T12:59:41.346544Z
0 likes, 0 repeats
News about new #Russia surveillance systems that allow “monitoring users of Telegram, WhatsApp and Signal” seems to be largely FUD, IMHO. I rely on #Ukraine “Pravda”[^1] as the original NYT article is paywalled:

Placing Telegram, WhatsApp and Signal in one row is a huge misconception. Telegram has no E2EE by default and uses a proprietary protocol.

Specific program: “NetBeholder can detect when people make voice calls or send files through encrypted chat applications such as Telegram, Signal and WhatsApp”. This sounds very much like deep packet inspection to the limits set by the underlying protocol.

Basically, if you use these apps in Russia, the network provider can see your traffic. That’s kind of obvious, but what exactly they will see will very much depend on the actual protocol and it will be quite different for each app.

Oh wait, what if… they don’t see your traffic directly, because you use a VPN? None of these will work. Of course, they will see you use a VPN, which may cause you trouble on its own, but if you live in Russia that’s just one of a million things that can cause you trouble with the FSB.

There’s one more funny thing: NetBeholder was a “lawful interception” program developed since the 2010s by a Digital Bridge company from Singapore[^2].

A paranoid person might conclude that Russians just acquired the vendor and slightly upgraded its products in order to grab some cash from FSB bids and then “leaked” some PR documents to NYT in order to get free advertising 🤷♂️

[^1]: https://www.pravda.com.ua/eng/news/2023/07/3/7409619/
[^2]: https://digitalbridge.com.sg/netbeholder.php
(DIR) Post #AXLSbAoch6N3A2fl1k by kravietz@agora.echelon.pl
2023-07-04T08:31:05.351687Z
0 likes, 0 repeats
Mikhail Klemaryov shed some light on the capabilities used by the #Russia #SORM surveillance systems hyped by NYT recently, largely consistent with my analysis above:

For mobile and landline phone conversations, the FSB has access to all metadata and call contents in real time, archiving all of them “just in case” for at least six months with automatic transcription and the ability to search by keywords. For persons of interest this retention time is likely much longer. For that reason, Klemaryov recommends not using regular mobile and landline calls in Russia at all.

For instant messengers, their capabilities are limited to correlation of call metadata between various Internet operators thanks to FSB real-time access to Internet connection metadata going through all Internet providers in Russia. For example, if you have a network stream seen by Alice’s mobile operator consistent with a Signal, WhatsApp or Telegram call that started at exactly 09:21 and lasted exactly 39 seconds, you just need to find an identical stream seen by Bob’s operator to be able to conclude that Alice talked to Bob. The FSB doesn’t know the contents of these calls but only the fact they talked and when.

These capabilities are further limited as they require access to full metadata logs on both operators. If one caller is abroad, this won’t work. If one caller uses a VPN, it won’t work. For that reason Klemaryov recommends using a VPN for all Internet traffic in Russia, not only when bypassing blocked content.

https://www.youtube.com/watch?v=J3wawFrozMQ

For #Telegram be sure to also read what @rysiek wrote in this thread!
(DIR) Post #AXLUZ27IGVM1VkVqWe by joosteto@mamot.fr
2023-07-04T08:52:28Z
1 likes, 0 repeats
@kravietz @rysiek Agreed, except that if Alice uses a VPN, the FSB may well notice that starting at 9:21 she has a 39-second-long audio-stream-like connection (many small packages) to the VPN, and they could link that to Bob's connection (they may notice that the packages Alice receives are all just slightly larger than Bob's).

But it's true that that is much more difficult to link.
(DIR) Post #AXLUdJfUwzAn6ZYP8C by kravietz@agora.echelon.pl
2023-07-04T08:54:04.790628Z
0 likes, 0 repeats
@joosteto That depends on the specific VPN implementation - some solutions intentionally inject random traffic to thwart traffic analysis.

@rysiek
(DIR) Post #AXLVZw1SVZzyr1mFt2 by joosteto@mamot.fr
2023-07-04T08:55:46Z
1 likes, 0 repeats
@kravietz @rysiek Ah, didn't know that. Hope the Russians will use one of those.
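
Added illustration, not written by any participant in this thread: a small Python model of the start-time/duration matching discussed above, showing which cases leave a linkable pair in operator metadata and which do not. The `Flow` record, the log contents, and the way a cover-traffic VPN appears (one long uniform flow) are assumptions constructed for this sketch.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    subscriber: str  # customer the operator attributes the connection to
    remote: str      # what the operator sees as the other end
    start: int       # seconds since midnight
    duration: int    # seconds
    shape: str       # "call-like" (many small packets) or "constant"

def correlate(log_a, log_b, tol=1):
    """Pair subscribers whose call-like flows agree in start time and duration.
    The remote end is deliberately ignored: only timing and shape are compared."""
    return {(a.subscriber, b.subscriber)
            for a in log_a for b in log_b
            if a.shape == b.shape == "call-like"
            and abs(a.start - b.start) <= tol
            and abs(a.duration - b.duration) <= tol}

T = 9 * 3600 + 21 * 60  # 09:21, the call from the thread

# Constructed operator logs (all values invented for this sketch).
BOB_LOG = [Flow("bob", "messenger-relay", T, 39, "call-like"),
           Flow("carol", "messenger-relay", T + 300, 39, "call-like")]
ALICE_DIRECT = [Flow("alice", "messenger-relay", T, 39, "call-like")]
# Plain VPN: the remote changes, the timing and packet pattern do not.
ALICE_VPN = [Flow("alice", "vpn-endpoint", T, 39, "call-like")]
# Assumed effect of cover traffic: one long, uniform tunnel flow.
ALICE_PADDED = [Flow("alice", "vpn-endpoint", 8 * 3600, 4 * 3600, "constant")]
BOB_ABROAD = []  # no log available for the second operator

def scenarios():
    return {
        "both direct": correlate(ALICE_DIRECT, BOB_LOG),
        "alice on plain VPN": correlate(ALICE_VPN, BOB_LOG),
        "alice on padded VPN": correlate(ALICE_PADDED, BOB_LOG),
        "bob abroad": correlate(ALICE_DIRECT, BOB_ABROAD),
    }

if __name__ == "__main__":
    for name, pairs in scenarios().items():
        print(f"{name:22} -> {sorted(pairs) or 'no link'}")
```

Only the padded-tunnel and missing-log cases break the link in this model; a tunnel that preserves the call's timing and packet pattern hides the destination but not the coincidence.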