How to maintain confidentiality of correspondence, after law Spring”

The Federation Council meeting during which the Senate unanimously passed the “Spring package”, has generated a public debate on whether to maintain the confidentiality of correspondence on the Internet after its entry into force. The edition Fontanka listed several ways to keep the secrecy of correspondence.

The package of anti-terrorist laws called the “law of Spring”, retired from the Federation Council in the Kremlin on the signature of Putin. The latter, according to Dmitry Peskova, “has not yet made a final decision”. Among other things, the act requires mobile operators and ISPs to store the correspondence of users in the messengers and the messengers – in the very vague wording – to give the FSB the keys to the ciphers. Russian officials, businessmen and even the security forces, already accustomed to conduct confidential negotiations in Telegram, Viber and WhatsApp, have shifted in their soft leather chairs.

The package was developed by state Duma Deputy Irina Yarovaya and Federation Council Senator Viktor Ozerov, no fancy words “messenger”. Does not give them special attention in his speeches and the authors of the law. However, the feature of the functioning of the field, which they decided to radically rebuild, clearly interested in them only in General terms: as you know, the same lake, speaking in the Federation Council on June 29, admitted that he never heard of a mobile operator, Tele2. Although ordered the company, along with the so-called “big three” to keep all the talk of Russians within six months.

The messengers formally fall under the vague concept of “organizers of information distribution in the Internet”, which was introduced in 2014. Giving a definition of this term, the legislator did not spare the citizens in simple language: it is enough to say that it is used such modern terms as “electronic computing machine”. If you translate legal language into the ordinary language, “organizers of information distribution” is any forums, guest books or blogs, on which there is at least some user interaction.

In the current version of the Law “On information” the most mysterious, the organizers have six months to store information about what users copied or forwarded to “photoshopped pics”. But not the content of communication. The “Spring package” is provided for increasing this period up to 1 year, as well as mandatory storing of the correspondence is with photos and videos. However, the latter requirement takes effect from July 2018.

But now, if President Vladimir Putin signs a controversial package of laws, “organizers of information distribution” will be required to provide the FSB the key to decode messages if they are hidden from all-seeing eye with the help of Cryptologic algorithms. In particular, Vkontakte, Facebook, Twitter, sites, ticket sales, online banks use the HTTPS Protocol. “Each connection through HTTPS is encrypted with a unique key. It turns out that for each session, need to keep their own codes. This vast array of information”, – said the Executive Director of the Association of alternative Telecom operators Alexei Leontiev.

However, the same Facebook or Twitter and have not registered as “organizers of information distribution”, in contrast to the “Vkontakte”. Although Roskomnadzor in the late summer of 2015 asked them to do it. Thus, they now do not comply with the requirements of the Russian legislation, therefore, most likely, will not rush and follow the rules of the “Spring package”. No in the appropriate register and messengers Viber, Telegram, WhatsApp etc.

Obedient Viber

Thus, according to experts, there are many legal issues: whether services are required to communicate to put before the security services encryption key on the table, if not officially regarded as “organizers of information distribution”? And is it possible to punish them for refusing to disclose the codes, as provided by the “Spring package” (the penalty from 800 thousand to 1 million rubles)? To check how the state intends to enforce the controversial law, we will be able in the near future: Telegram founder Pavel Durov has already said he does not intend to transfer to the Russian security services are the keys to its ciphers.

But Viber, according to IT, an Evangelist messenger FireChat Anton Merkurov, “very obedient”: the company has complied with another requirement of the Russian legislation and moved the servers with personal data of Russian citizens on the territory of the Russian Federation. For this reason, he did not rule out that Viber will be to cooperate with the secret services. In the Russian office of Viber said that it will announce its position in coming days, the press office WhatsApp did not respond to the request.

If Viber do make concessions, the “Spring package” will immediately perform half of the tasks in front of him set by the developers. According to statistics, J’son&Partners Consulting, a different kind of messengers use 50 – 60 million Russians. Leadership is what Viber had it installed about 60% of the total audience of these services. WhatsApp is second with 49%, and the third and all is Skype. The popularity of Telegram in times less, although by some it is considered more reliable, including thanks to the secret chat. For comparison, WhatsApp has enabled end-to-end encryption of all messages until the spring of 2016.

Without the encryption keys it is possible to track only the fact that someone communicates via messenger. “When a user from your home Wi-Fi network writes someone in WhatsApp, we have recorded only the fact of addressing a particular user in server WhatsApp. We have not shown, with whom he communicates. Encrypted and the recipient in the response message”, – says General Director of “upholstered” Andrey Guk. However, says Anton Merkurov, if the codes popular messengers will be revealed or the apps themselves will block in Russia, there is always the opportunity to go to some less popular alternative service.

Alternative from Snowden

For example, right now in certain circles, gaining popularity Swiss Threema. In addition to the powerful encryption app has the ability to hide your phone number or e-mail, specified during registration: the user will be possible only by a unique ID. Each was also given their own QR code. If you are in a Park or on the street, meet a man, known only by Threema, identify it, bring your QR code to it.

A high level of privacy, according to experts, provides the U.S. and Wickr. As Pavel Durov in relation to your Telegram, the developers of this messenger are willing to pay a tidy sum to someone who can read the encrypted message. It offers the same features as the popular Telegram: the ability to set a timer to destroy the message on your phone and your contact’s phone, a ban on any screenshots while using the app. The last option was designed on the case if a third party has access to the photos stored on your phone: for example, if synchronization with a hacked cloud services, that is, the virtual storage server.

Confidential calls can be made via Signal: it encourages by Edward Snowden. In order to preserve privacy and to use messengers that are not popular outside of their countries. For example, Korean Kakao Talk, which in South Korea are using 93% of smartphone owners. “Messengers are so many that to put them all on control is impossible”, – said Anton Merkurov. And the most ardent supporters of the intact correspondence can create yourself extra protection, communicating through the Swiss Blackphone, which the developers have positioned as “the most sensitive smartphone”. In particular, it allows you to control why each particular application goes into the network, and regulate its activity, as well as remotely wipe all the data.

However, it will cost cryptocanthon 60 000. Those who advocate for complete anonymity, but for less money, experts on cybersecurity suggest just buy a SIM card of a foreign state and a new smartphone. And then put the app Orbot, through which all outgoing and incoming Internet traffic will go through the anonymous Tor network.

Clifton Nichols

Clifton Nichols

Hi! I’m Clifton and I am a full-stack engineer with a passion for building performant and scalable applications that are beautiful and easy to use.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *