Tech News

NGOs and other organizations with limited resources can now build their own Android apps designed to bypass censorship filters in China and beyond, thanks to rights group GreatFire.org .

The China-focused anti-censorship group launched its new GreatFire AppMaker tool, allowing any organization that uses it to effectively unblock its content behind the Great Firewall and in other autocratic states.

GreatFire co-founder, Charlie Smith, told Infosecurity that the tool is based on the group's Collateral Freedom approach. This relies on hosting content on major cloud services like AWS that are too important for censors to block, whilst using encrypted domains so the censors can't selectively block URLs -- in effect meaning they'd have to take down AWS completely for all users inside the Middle Kingdom.

Organizations that want to build their own censorship-busting apps first need to visit the AppMaker website, choose a name for their app and specify the web page that the app will use to gather content from, as well as a file which will serve as the app icon.

The Chinese government has deployed an update to its national firewall, to block encrypted HTTPS connections that are being set up using the latest internet standards for encryption.

The ban has been in place since the end of July, according to a joint report published this week by three organizations tracking Chinese censorship -- iYouPort , the University of Maryland , and the Great Firewall Report.

In particular China is now blocking HTTPS+TLS1.3+ESNI.

TLS 1.3 is the latest encryption standard that can be used to implement https. Server Name Indication is used to specify which website is required when several websites are hosted using the same I address. By default it is unencrypted letting ISPs and snoopers know which website is being accessed even when using https. ESNI (Encrypted Server Name Indication) closes this loophole.

Other HTTPS traffic is still allowed through the Great Firewall, if it uses older versions of the same protocols -- such as TLS 1.1 or 1.2, or SNI (Server Name Indication). This rather suggests that these old encryption standards are now compromised.

Per the findings of the joint report, the Chinese government is currently dropping all HTTPS traffic where TLS 1.3 and ESNI are used, and temporarily banning the IP addresses involved in the connection, for small intervals of time that can vary between two and three minutes.

Note also that this news about Chinese censorship probably informs us about snooping capabilities in the UK. Presumably GCHQ and UK ISPs would be similarly blinded by HTTPS+TLS1.3+ESNI, whilst still being able to block and snoop on older standards.

TikTok says it will stop accessing clipboard content on iOS devices

A beta feature on iOS 14 showed what the app was up to

See article from theverge.com

 

Update: Others too!

29th June 2020. See article from arstechnica.com

TikTok and 53 other iOS apps still snoop your sensitive clipboard data Passwords, bitcoin addresses, and anything else in clipboards are free for the taking.

See article from arstechnica.com

 

Update: India bans 59 Chinese snooping apps

29th June 2020. See article from financialexpress.com

The Government of India on Monday banned 59 Chinese apps including TikTok and UC Browser which are prejudicial to sovereignty and integrity of India, defence of India, security of state and public order, news agency ANI reported. Majority of these apps were recently red-flagged by intelligence agencies over concerns that they were collecting user data and possibly also sending them outside of the country's borders.

Among the apps that have been banned are Tik Tok, Sharit, Kwai, UC Browser, Baidu map, Shein, clash of Kings, DU battery saver, Helo, Likee, YouCam makeup, Mi Community, CM Browsers, Virus Cleaner, Apus Browser, among others.