This is why Russia’s attempts to block Telegram have failed

By Matt Burgees for Wired

The Telegram ban in Russia doesn’t show any signs of slowing. But there may be consequences for the web at large.

Russia’s attempt to block encrypted messaging app Telegram isn’t going too well. In fact, two weeks after Roskomnadzor, its communications regulator, started trying to stop the app being used it’s managed to block pretty much everything but Telegram. So why is it proving so tricky?

On April 16, Roskomnadzor started its attempts to block Telegram within the country. After technological diversions from the app’s creator Pavel Durov, the service still remains available for use.

The block has divided parts of the Russian state, with Kremlin press secretary Dmitry Peskov admitting he is still using the app despite the attempts to ban it. “It works for me and there’s nothing to it,” Peskov was reported saying by The Moscow Times. According to other Russian media sources the country’s deputy prime minister is also still using Telegram.

“Few expected things to play out this way,” says Adrian Shahbaz, research manager at nonprofit Freedom House. “It was hard to imagine Telegram would do so well to remain accessible. And it’s unprecedented that Roskomnadzor would disrupt so much of the internet just to make an example out of Russia’s third most popular messaging app.”

So, why hasn’t Roskomnadzor been able to effectively block Telegram from being used? The answer lies in the technicalities of the internet’s infrastructure which many sort out using a service like https://cubik.com.tw/. Since January 2012, Roskomnadzor has held a “Single Register” or websites that are banned in the country. What’s included on this list isn’t up to Vladimir Putin or politicians – but is instead under the jurisdiction of the country’s legal system.

As is the case with Telegram, courts can make rulings that websites or internet services are illegal and shouldn’t be accessed. “It is very heavy-handed and pervasive filtering but it is done within an open legal framework and a relative amount of transparency,” explains Joss Wright, a senior research fellow with a focus on internet censorship at the Oxford Internet Institute. Russia’s courts ruled that Telegram should be blocked on April 13 for refusing to pass encryption keys to officials in the country.

After the block, Roskomnadzor would have identified the internet protocol (IP) addresses that were related to Telegram and ordered internet service providers (ISPs) to block them. Web hosting companies in the country can also be ordered to remove websites on their servers. In April 2017, the messaging app Zello fell foul of blocks and in 2016 LinkedIn was alsobanned.

To get around the block Telegram turned to a technique called domain fronting. The method essentially hosts a service on another company’s systems and effectively hides the traffic’s source. “It’s almost a bug but it’s more of an unintended consequence of the way these services work,” Wright explains. As a result of the block, Telegram turned to domain fronting using Google and Amazon’s hosting services. Domain fronting is often used as an anti-censorship tool but it has also been abused by cybercriminals to disguise malware.

“It basically hides the traffic as Google traffic and there’s no way the censoring authority can see that this is Google traffic and not Telegram traffic,” Wright adds. Ultimately, Roskomnadzor’s attempts to stop Telegram from domain fronting have seen it blocking pretty much everything except the messaging service. Reports from Russia say Google services, have been partially blocked as well as brief outages for Twitter, Facebook and Russian web giants Yandex and VKontakte.

The country’s Science Council has said the Telegram internet block is causing “serious” problems for scientists in the country. Meduza reports access to scientific journals has been limited in the millions of IP addresses that have had access revoked.

“What’s happened in this situation is Russia has turned around and said, ‘Look, Google is not more important to us than our laws,'” Wright says. “The moment you become important enough for a state to really pay attention to you, you tend to get swatted. That’s what has happened with Telegram and Google here.” Despite the global nature of the web, the internet still requires physical infrastructure to operate. Physical cables and servers are controlled within the borders of nations and fall under the laws of those states. 

In almost coincidental timing, Google has announced it will disable the ability for web services to use domain fronting. “Domain fronting has never been a supported feature at Google,” a spokesperson for the company told The Verge. The spokesperson said it was a “quirk” of its software systems and wasn’t intended to be there. “We’re constantly evolving our network, and as part of a planned software update, domain fronting no longer works. We don’t have any plans to offer it as a feature,” they continued.

The move from Google hasn’t gone down well. Digital rights group Access Now has said there are at least 12 “human rights-enabling technologies” that use domain fronting from Google and could be impacted. “Allowing domain fronting has meant that potentially millions of people have been able to experience a freer internet and enjoy their human rights. We urge Google to remember its commitment to human rights and internet freedom and allow domain fronting to continue,” Nathan White, the group’s legislation manager said in a statement.

Shahbaz, of Freedom House, says he expects Russia and other countries who want to control the internet will attempt to create their own private messaging services. “We’re likely to see authoritarian countries promote their own alternatives to the major tech companies – ones that domestically based, and far easier to control,” he says. One Russian company, Mail.ru, has heavily pushed its own chat app TamTam since the ban of Telegram and in Iran the government has released its own app, known as Soroush, to replace Telegram.