Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Help users in Iran reconnect to Signal
New on LowEndTalk? Please Register and read our Community Rules.

Help users in Iran reconnect to Signal

Signal is currently blocked in Iran. To help people in the country access Signal, on your VPS run a proxy based on a Docker. "The proxy is extremely lightweight. An inexpensive and tiny VPS can easily handle hundreds of concurrent users."

https://signal.org/blog/help-iran-reconnect/

«1

Comments

  • If it weren't a centralized, primary developed to run on unsecure platforms and requiring a telephone number, I would say yes.

    But no, I will continue to help people run XMPP.

  • NeoonNeoon Member, Community Contributor

    A server with ports 80 and 443 available.

  • desperanddesperand Member
    edited September 25

    @postcd said: Signal is currently blocked in Iran. To help people in the country access Signal, on your VPS run a proxy based on a Docker. "The proxy is extremely lightweight. An inexpensive and tiny VPS can easily handle hundreds of concurrent users."

    This is some kind of bullshit.
    Not need to use "signal" crap. Totally awful shit.
    Better to use telegram.

    Telegram has BEST in the world anti-censorship solutions called mtproxy.
    https://github.com/TelegramMessenger/MTProxy

    https://mtpro.xyz/

    You just share a link -> a customer click to the link -> settings automatically applied to telegram. Boom -> you have proxy for tg hassle free and extremely hard to detect and block.

    Also, in telegram there is a feature called "p2p" secret chats. Which is NOT widely used because hidden in smartphone options.

    Click on any contact "..." dots menu -> secret chat. Boom you have secured p2p chat conversation which has totally different pattern in tcp, because encryption keyes generated differently, and HARD very HARD to bold and highlite these packets in packet flow, due to always diferent user to user patters of data sent.

    DO NOT USE SIGNAL.

  • JeDaYoshiJeDaYoshi Member
    edited September 25

    @desperand said:
    Also, in telegram there is a feature called "p2p" secret chats. Which is NOT widely used because hidden in smartphone options.

    Click on any contact "..." dots menu -> secret chat. Boom you have secured p2p chat conversation which has totally different pattern in tcp, because encryption keyes generated differently, and HARD very HARD to bold and highlite these packets in packet flow, due to always diferent user to user patters of data sent.

    Secret chats are still routed through Telegram's servers, not directly between recipients, so this is false on its own. The only difference to regular chats is that they're encrypted exclusively to the recipient.

  • afnafn Member
    edited September 25

    are we really having a fight between telegram and signal fanboys?

    You both need to realize both suck af!

    Next thread: Windows VS mac, oh wait no winner, fuck both.

  • tjntjn Member
    edited September 25

    @desperand said:
    DO NOT USE SIGNAL.

    Your justification for not using Signal is based on the fact that you have to click a link that autoconfigures a proxy for you - as opposed to do doing it manually? Lol

    Also - unless I'm mistaken:

    • Telegram does not enable end to end encrypted chats by default - it isn't "hidden" that's a design choice
    • Had a few scandals in the early days of being breached and associated to Russian govt / dodgy sources
    • Has till today never undergone a third party security review (the Italian "audit" doesn't count)
    • The servers are not open source or transparent
    • It collects and stores far too much data in the name of "privacy", including your IP address
    • MTProxy has had quite a few bugs, holes, and was exploited by several MITM vectors - last one was last year
    • Millions of user's private info was dumped by the Iranian govt by creating an unnoficial fork that went unnoticed for quite a while in 2016 because of weaknesse's in their API
    • They clearly have the tools to identify and track users, as evident by their co-operation with the German govt as reported by Der Spiegel original - translated

    The list of scandals and controversies is long...

    Signal is far superior to Telegram when it comes to protecting people's privacy, and cryptography. There's a reason Telegram isn't blocked and Signal is.

  • rm_rm_ Member
    edited September 25

    Sounds too limiting and awkward to promote running single-service proxies. Better to run Tor Bridges instead, surely not only Signal is censored in Iran, so they might also need unfiltered access to other things as well?

    Before the usual "Tor" reaction, no, running a bridge does not put you in trouble, and no it does not even consume a ton of network traffic.

  • tjntjn Member

    @rm_ said:
    Sounds too limiting and awkward to promote running single-service proxies. Better to run Tor Bridges instead, surely not only Signal is censored in Iran, so they might also need unfiltered access to other things as well?

    A lot of effort has gone into deploying additional bridges and leveraging snowflake for Iranian users!

  • desperanddesperand Member
    edited September 25

    @tjn said: Your justification for not using Signal is based on the fact that you have to click a link that autoconfigures a proxy for you - as opposed to do doing it manually? Lol

    no, my opinion based on the war in my country, where tons of russian crap software with tons of spyware included and wide spread without any security research about software. That software on the first days of war were used against citizens, and was used to intercept messages and get information.
    I by myself analyzed around 20+ messangers since begining of war in my country.
    There are only few apps which seems okay. Other apps showed their full trash outside the box in specifically Ukraine. Tons of spyware, trojans, bugs, not easy to use whatever (pick few, depends on software different problem).

    Or extra included apis which helps to identify a person. Which after a time change versions and "like nothing happened we did not track or spy for you and against you", because version is different, and you can't compare these packages between each other.

    I do not like protect telegram. But it's one of the good solutions with balance "frendly / secure / hassle-free"

    Other alternatives - sucks.

    Try to get me correctly. I know that Durov is russian. But his products has open-source code, and it's easy to manipulate and manage the code and send self-encrypted messages from the app by modifying app a little bit.

  • Look. The guy's just trying to use services and communicate with others using a specific solution, Signal. There's a time and place to argue about the technology/solution but maybe Signal is something that they're stuck with and the time/place to change platforms has passed.

    Chill out and if you can lend a hand for signal just do it. Bitching about "Use Telegram pleb" is such a neckbeard thing to do right now. Higher priority (imho) is to re-establish contact for those inside the country, not criticize about "Signal bad"

  • @rm_ said:
    Sounds too limiting and awkward to promote running single-service proxies. Better to run Tor Bridges instead, surely not only Signal is censored in Iran, so they might also need unfiltered access to other things as well?

    Therefore, they also suggest promoting the proxies on Twitter, which itself is blocked...

    Anyway, this is a futile exercise since the government is known for shutting down the whole connectivity when there is too much agitation.

  • YmpkerYmpker Member
    edited September 25

    One more alternative in the mix would be Session.

    Not sure how good of an alternative it is for you guys, but I used https://getsession.org/ for a while. Seemed like a decent, privacy-centred solution with e2e encryption.

    Screenshot_2022-09-25-22-04-07-825_com.android.chrome

    Screenshot_2022-09-25-22-05-01-751_com.android.chrome

    Thanked by 1postcd
  • Users from Iran say their government blocked SMS OTPs without which signing up for signal is not possible. Also it’s a bad idea to use signal as it has no option to hide phone numbers. Like the other user mentioned, telegram secret chat is a better option as it is E2E and has inbuilt proxy options since forever. Or Element or Session or any other messaging service that doesn’t require a phone number and offers decent anonymity is what they need at the moment. Signal is just shamelessly using the situation to promote their app IMO.

  • YmpkerYmpker Member
    edited September 26

    @jmaxwell said:
    Users from Iran say their government blocked SMS OTPs without which signing up for signal is not possible. Also it’s a bad idea to use signal as it has no option to hide phone numbers. Like the other user mentioned, telegram secret chat is a better option as it is E2E and has inbuilt proxy options since forever. Or Element or Session or any other messaging service that doesn’t require a phone number and offers decent anonymity is what they need at the moment. Signal is just shamelessly using the situation to promote their app IMO.

    Exactly. I am by no means an expert on this topic, but like you suggested Session (which I mentioned above) and Element seem to be some good alternatives. If you opt for Session keep in mind that there are two "modes" for message delivery. Fast mode uses partly Google Services (even though your messages still remain encrypted ofc), but you can always opt for "slow" mode (from my experience 15 minutes delay but fine IMHO). Since I didn't bother too much I opted for fast mode. If that's an issue for you just make sure to select slow mode :)

    Quoting Session: https://getsession.org/faq

    How do push notifications work on mobile platforms? Are there any privacy compromises?

    Session’s Android client has two options for notifications: background polling (slow mode), and Firebase Cloud Messaging (fast mode).
    If you choose slow mode, the Session application runs in the background and periodically polls its swarm (see What is a swarm) for new messages. If a new message is found, it is presented to you as a local notification on your device.

    If you choose fast mode, Session will use Google’s FCM push notification service to deliver push notifications to your device. This requires that your device IP address and unique push notification token are exposed to a Google operated push notification server. Additionally, you will expose your Session ID and unique push notification token to an OPTF operated push notification server, for the purpose of providing the actual notifications to the Google FCM server.

    These exposures are fairly minimal, Google will likely already know your device’s IP address through telemetry data or other applications on your device using push notifications. Registration of your Session ID and unique push notification token to the OPTF push notification server is necessary for detection and signaling of new messages and is low impact as registration occurs using onion requests meaning your Session ID and push notification token are never tied to any real world identifier (such as your IP address).

    When using fast mode neither Google nor the OPTF can see the contents of your messages, who you’re talking to, or exactly when messages are sent or received.

    Also if you desperately need SMS OTPs there are services like https://5sim.net/ .

    Last but not least, if you need a VPN @postcd http://hidemy.name/ offers free 24 trial where you only need to enter a (fake) email address to receive a code. In general, similar to Mullvad, you won't have to sign up for this VPN with any personal data. Just a (throwaway) mail and the code (numbers) you receive is your ticket in. Might be worth checking out. If you don't want to use their apps you can always go to https://hidemy.name/en/faq/vpn/vpn-installation-and-configuration/router/another/ and download ovpn config files using the trial code you were sent.

    Thanked by 1Arkas
  • babuumbabuum Member
    edited September 26

    Please also run Snowflake proxies. https://snowflake.torproject.org/ there is a browser plugin or you can run the standalone software as Docker container or directly on your VPS. https://community.torproject.org/relay/setup/snowflake/standalone/

    Thanked by 1yoursunny
  • YmpkerYmpker Member
    edited September 26

    There's also https://hidemy.name/en/proxy-list/ for regular proxies.

  • As expected, end user connectivity has been shut down. So, Signal can still try to run as many proxies as they want.

  • emgemg Member
    edited September 26

    If you are not in the US or subject to US export regulations, then skip to the next post.

    TL;DR:
    The US government just loosened the export rules to allow US residents to provide the kind of support to the people of Iran that @postcd is requesting in this thread.

    The Treasury Department's Office of Foreign Assets Control (OFAC) just issued a general export license for those who are supporting the internet communications of the people of Iran. The license makes it legal for US residents to provide personal communications software and support to the people of Iran, but not the Iranian government. A general export license does not require paperwork or special permission from anyone. You provide the service or send the software and that is it.

    Pay attention to the details. Here are links:
    Summary Page:
    https://home.treasury.gov/policy-issues/financial-sanctions/recent-actions/20220923
    License Details:
    https://home.treasury.gov/system/files/126/iran_gld2.pdf
    FAQ:
    https://home.treasury.gov/policy-issues/financial-sanctions/faqs/added/2022-09-23

    Thanked by 1raindog308
  • NyrNyr Member, Community Contributor

    @UrDN said: As expected, end user connectivity has been shut down. So, Signal can still try to run as many proxies as they want.

    Not fully. Iranians are routing domestic connections via Iranian proxies which still have access to the global internet.

    Situation is rapidly evolving of course, but that is what is working right now.

  • One of my Iranian friends uses telegram via a ShadowSocks Proxy which is then connected to a VPN, or something like that. Works a charm. (He uses it for his whole internet)

  • I host one now.

    Thanked by 2postcd tjn
  • An alternative to common Tor browsing could also be Lokinet ( https://lokinet.org/ ) which is used for Getsession messenger.

    Thanked by 1tjn
  • Thanked by 2tjn stevewatson301
  • @postcd said: Signal is currently blocked in Iran

    Did you tried Telegram?

  • ChuckChuck Member
    edited September 27

    how did they block Signal?

    Are they blocking the phone number or Signal ports?

  • I see here so many comments, everyone offers suggestions with proxies services and how to host on your VPS a proxy for ppls in Iran but:
    (1) How do you assure nobody is not doing illegal stuff using your IP/machine?
    (2) Which solution is the best from what is written above? (Snowflake, Session, etc_)

  • NyrNyr Member, Community Contributor
    edited September 28

    @SirNeo said: I see here so many comments, everyone offers suggestions with proxies services and how to host on your VPS a proxy for ppls in Iran but:
    (1) How do you assure nobody is not doing illegal stuff using your IP/machine?
    (2) Which solution is the best from what is written above? (Snowflake, Session, etc_)

    The main proven and consistent open source solutions are Snowflake and V2Ray/Shadowsocks.

    Snowflake just provides access to Tor over WebRTC using mostly short lived hosts. As such, it does not carry exit traffic and you do not need to worry about abuse.

    Shadowsocks is like a normal SOCKS proxy with encryption and some other stuff, as such hosting a public instance is guaranteed to attract abuse. Anyway public Shadowsocks hosts are not useful as they would be blocked fast.

    Thanked by 1postcd
  • GhtGht Member

    Who wants to help a country that threat international security and its famous for cyber attacks, i think nobody.

  • @Ght said:
    Who wants to help a country that threat international security and its famous for cyber attacks, i think nobody.

    Other people, who help people that demand a change and fight vs terrorist regime

    Thanked by 3postcd tjn skorous
Sign In or Register to comment.