Just days after Open Whisper Systems concluded the Egyptian government had blocked access to its encrypted messaging service, Signal, the company rolled out an update that circumvents large-scale censorship systems across Egypt and the United Arab Emirates. The update also adds the ability to apply stickers, text and doodles to images, but that’s just icing on the censorship-evading cake. “Over the weekend, we heard reports that Signal was not functioning reliably in Egypt or the United Arab Emirates, ” Open Whisper Systems writes . “We investigated with the help of Signal users in those areas, and found that several ISPs were blocking communication with the Signal service and our website. It turns out that when some states can’t snoop, they censor.” Open Whisper Systems circumvents filtering systems with domain fronting, a technique that routes all messages through a popular domain name — in this case, Google. All Signal messages sent from an Egypt or UAE country code will look like a normal HTTPS request to the Google homepage. In order to block Signal in these countries, the governments would have to disable Google. “The goal for an app like Signal is to make disabling internet access the only way a government can disable Signal, ” the company says. The blog post continues, “With enough large-scale services acting as domain fronts, disabling Signal starts to look like disabling the internet.” Source: Signal
Read more here:
Encrypted chat app Signal circumvents government censorship
Russian hackers have used fake websites and bots to steal millions of dollars from advertisers. According to researchers, the fraud has siphoned more than $180 million from the online ad industry. CNNMoney reports: Dubbed “Methbot, ” it is a new twist in an increasingly complex world of online crime, according to White Ops, the cybersecurity firm that discovered the operation. Methbot, so nicknamed because the fake browser refers to itself as the “methbrowser, ” operates as a sham intermediary advertising ring: Companies would pay millions to run expensive video ads. Then they would deliver those ads to what appeared to be major websites. In reality, criminals had created more than 250, 000 counterfeit web pages no real person was visiting. White Ops first spotted the criminal operation in October, and it is making up to $5 million per day — by generating up to 300 million fake “video impressions” daily. According to White Ops, criminals acquired massive blocks of IP addresses — 500, 000 of them — from two of the world’s five major internet registries. Then they configured them so that they appeared to be located all over the United States. They built custom software so that computers (at those legitimate data centers) acted like real people viewing those ads. These “people” even appeared to have Facebook accounts (they didn’t), so that premium ads were served. Hackers fooled ad fraud blockers because they figured out how to build software that mimicked a real person who only surfed during the daytime — using the Google Chrome web browser on a Macbook laptop. Read more of this story at Slashdot.