Tech News

Tech entrepreneur Joseph Thompson has founded a start-up technology company AID:Tech which has created a digital app to act as a global identity card.

Apparently it is one of the United Nations' Sustainable Development Goals that everyone has a control enabling legal identity, including birth registration, by 2030. This the prompted the World Bank to launch its Identification for Development (ID4D) initiative in 2014.

The latest data from the Bank shows there are just over 987 million people in the world who have no legal identity, down from 1.5 billion in 2016. The majority live in low-income countries where almost 45% of women and 28% of men lack a legal ID.

The blurb about Thomson's waves its arms about blockchain and makes the unlikely claim that the unlikely claim that the digital identity is accessible only to the person whose ID it holds. I can't imagine many country's authorities would be happy with a system that they cannot access.

NGOs and other organizations with limited resources can now build their own Android apps designed to bypass censorship filters in China and beyond, thanks to rights group GreatFire.org .

The China-focused anti-censorship group launched its new GreatFire AppMaker tool, allowing any organization that uses it to effectively unblock its content behind the Great Firewall and in other autocratic states.

GreatFire co-founder, Charlie Smith, told Infosecurity that the tool is based on the group's Collateral Freedom approach. This relies on hosting content on major cloud services like AWS that are too important for censors to block, whilst using encrypted domains so the censors can't selectively block URLs -- in effect meaning they'd have to take down AWS completely for all users inside the Middle Kingdom.

Organizations that want to build their own censorship-busting apps first need to visit the AppMaker website, choose a name for their app and specify the web page that the app will use to gather content from, as well as a file which will serve as the app icon.

The Chinese government has deployed an update to its national firewall, to block encrypted HTTPS connections that are being set up using the latest internet standards for encryption.

The ban has been in place since the end of July, according to a joint report published this week by three organizations tracking Chinese censorship -- iYouPort , the University of Maryland , and the Great Firewall Report.

In particular China is now blocking HTTPS+TLS1.3+ESNI.

TLS 1.3 is the latest encryption standard that can be used to implement https. Server Name Indication is used to specify which website is required when several websites are hosted using the same I address. By default it is unencrypted letting ISPs and snoopers know which website is being accessed even when using https. ESNI (Encrypted Server Name Indication) closes this loophole.

Other HTTPS traffic is still allowed through the Great Firewall, if it uses older versions of the same protocols -- such as TLS 1.1 or 1.2, or SNI (Server Name Indication). This rather suggests that these old encryption standards are now compromised.

Per the findings of the joint report, the Chinese government is currently dropping all HTTPS traffic where TLS 1.3 and ESNI are used, and temporarily banning the IP addresses involved in the connection, for small intervals of time that can vary between two and three minutes.

Note also that this news about Chinese censorship probably informs us about snooping capabilities in the UK. Presumably GCHQ and UK ISPs would be similarly blinded by HTTPS+TLS1.3+ESNI, whilst still being able to block and snoop on older standards.