Encrypted chat app Signal adds domain fronting to bypass censorship in the Middle East

By Harish Jonnalagadda
last updated

Open Whisper Systems — makers of the encrypted chat app Signal — found out that the Egyptian government had blocked access to the app earlier this week. The company has now rolled out an update to Signal that circumvents government censorship through a technique called domain fronting.

Signal is now routing its traffic through Google's CDNs (content delivery networks), so all messages sent on the platform now look like requests to Google services. Essentially, this means that for a country to block access to Signal, they'd also have to switch off connectivity to all of Google's services.

Signal described the process in detail on its blog:

Today's Signal release uses a technique known as domain fronting. Many popular services and CDNs, such as Google, Amazon Cloudfront, Amazon S3, Azure, CloudFlare, Fastly, and Akamai can be used to access Signal in ways that look indistinguishable from other uncensored traffic. The idea is that to block the target traffic, the censor would also have to block those entire services. With enough large scale services acting as domain fronts, disabling Signal starts to look like disabling the internet.With today's release, domain fronting is enabled for Signal users who have a phone number with a country code from Egypt or the UAE. When those users send a Signal message, it will look like a normal HTTPS request to www.google.com. To block Signal messages, these countries would also have to block all of google.com.Follow up releases will include detecting censorship and applying circumvention when needed (eg. so that when users with phone numbers from other countries visit places where censorship is being deployed, Signal will work without a VPN for them as well) and expanding the services that domain front for Signal.

In addition to circumventing government censorship, the latest update also includes support for adding doodles, stickers, and text to images. If you're looking for a secure way to communicate on Android, you should take a look at Signal (opens in new tab).

Harish Jonnalagadda
Harish Jonnalagadda
Senior Editor - Asia

Harish Jonnalagadda is a Senior Editor overseeing Asia at Android Central. He leads the site's coverage of Chinese phone brands, contributing to reviews, features, and buying guides. He also writes about storage servers, audio products, and the semiconductor industry. Contact him on Twitter at @chunkynerd.

17 Comments
  • As with everything in this arena. Good if all you care about is privacy, bad if all you care about is security in monitoring the bad guys. It's always a trade off. This is no different.
  • Except the so called "trade off" is never worth it. You only get an illusion of security while your privacy and 4th amendment rights are slowly stripped away. "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety" - Ben Franklin
  • "Except the so called "trade off" is never worth it." . Never worth it TO YOU. The fact that a bad guy can plan an attack using this service without worry of ever being discovered is a real concern. Maybe not for you, but for a lot of folks. There is a trade off, whether you choose to believe it or not. You might care more about the privacy of that selfie you sent than this scenario, I may not. It's a trade off (privacy vs security), it always has been and it always will be ..
  • The issue here is that you're assuming the lack of privacy would equate to being more secure. This assumes the government is benevolent. The two subjects are not mutually exclusive. The government however would love for us to believe otherwise, as it suits them much better.
  • Yes I am assuming that not being able to send indecipherable messages to another bad guy DOES actually equate to being a bit more secure. Look, being able to see chat messages is probably not gonna save the world, but you are just not being logical if you think that is it not easier for bad guys to plan with technology that cannot be deciphered.
  • You really don't think those same bad guys wouldn't figure out a different way to communicate...
  • The real reality is that strong encryption methods are here, have been here, and wont be going anywhere any time soon. Trying to restrict apps and services like this doesn't solve the problem of security as you put it. Do you think you could prevent an evildoer from creating their own encrypted channels if need be? In a similar vein, do you think you could prevent an evildoer from making 3D printed guns? Think about that.
  • You're buying into the fear-mongering propaganda that governments peddle when they want to strip your rights. You're not giving up privacy for security...you're giving up privacy for the illusion of security. I hate to break it to you but if a bad guy wants to plan an attack they will figure out how to do it no matter how much the government is spying on it's citizens.
  • I'm not buying into anything. I DON'T CARE if someone sees my chats. I know you might, others might. That is fine. I'm not saying anyone is wrong. I am saying there are tradeoffs and different priorities for different folks.
  • I don't have anything to hide...that's not what this is about. It's about the right to privacy and protection against unreasonable search and seizure which is guaranteed under the 4th amendment. What happens when the powers that be suddenly don't have your best interests in mind. In Morpheus' voice: "What if I told you this has always been the case". I'm not trying to change your mind. Just trying to stop you from pushing this bs on others.
  • At the risk of repeating myself... I don't care about my chats being seen. Just because you or a certain percentage of folks feel privacy outweighs security (I know it's not either /or), doesn't make it so. I'm not going to reply any more as we are in the repeating statements time. I respect your opinion. I would hope you would respect mine, and not call it B. S.
  • I respect your right to have that opinion. I do not respect your opinion because it is bs and you are wrong.
  • You're missing the point we're making entirely. These bad guys you speak of, they've done terrible things and acts of evil before all of these apps. Before smartphones even. They will continue to do so. And if these apps that allow people some semblance of privacy are stripped of their ability to do so they will find other ways. The only people that the methodology you subscribe to that these anti privacy actions will affect negatively are the very people that you say are protected by it, us, the common man, the average citizen. That's the point we're all making here. And the counterpoint to our argument is the one that propaganda has been selling since the McCarthy era, and likely since before that.
  • He's never going to see the bigger picture because he "doesn't care about his chats being seen" and because "bad guys" exist. It's the same short-sided thinking on the part of citizens that I hear so often. It's sad that so many of us let fear control us. Or better said, that the government promotes fear in order to control us.
  • And just because you or a certain percentage of folks feel security outweighs privacy (I know it's not either /or), doesn't make it so. Sorry that you decided to give up your individual rights, but i'm not willing to give up mines.
  • If your standard is "well, it can help governments from catching 'bad guys'", then why have a balance? You could conceivably cut down on terrorism risk immensely by turning the country into a police state. You could create curfews and checkpoints. You could make everyone carry papers and check them regularly. All of these measures would cut down on potential risk. Yet, I doubt you'd go that far. Why not? You could also use your "I don't care if they read my chats" argument to dismiss any push back on those more extreme measures. Show your papers: "I have a driver's license on me at all times. No big deal" Regulate speech: "I never say anything controversial. It doesn't bother me." Random searches: "I don't have any contraband. Why would I care?" The people who created the Constitution were smart, much smarter it seems than many people who would so quickly discard the freedoms they carved out for us. They understood how important it was to establish personal rights that could withstand the hysteria that grips societies on regular basis. They new that there would be an urge to curtail these freedoms when hardship and adversity came. That's why they made it so hard to do.
  • A contentious issue to be sure and it will never be resolved. A lot depends on where you live too I guess...