[LINK] https/metadata

[Bernard Robertson-Dunn]

Seen on /.
https://tech.slashdot.org/story/16/12/22/1637207/encrypted-messaging-app-signal-uses-google-to-bypass-censorship

Developers of the popular Signal secure messaging app have started to
use Google's domain as a front to hide traffic to their service and to
sidestep blocking attempts. Bypassing online censorship in countries
where internet access is controlled by the government can be very hard
for users. It typically requires the use of virtual private networking
(VPN) services or complex solutions like Tor, which can be banned too.

>From a report on PCWorld
<http://www.pcworld.com/article/3152769/security/encrypted-messaging-app-signal-uses-google-to-bypass-censorship.html>:

Open Whisper Systems, the company that develops Signal -- a free,
open-source app -- faced this problem recently when access to its
service started being censored in Egypt and the United Arab Emirates.
Some users reported that VPNs, Apple's FaceTime and other voice-over-IP
apps were also being blocked.

The solution from Signal's developers was to implement a censorship
circumvention technique known as domain fronting that was described in a
2015 paper by researchers from University of California, Berkeley, the
Brave New Software project and Psiphon.

The technique involves sending requests to a "front domain" and using
the HTTP Host header to trigger a redirect to a different domain. If
done over HTTPS, such redirection would be invisible to someone
monitoring the traffic, because the HTTP Host header is sent after the
HTTPS connection is negotiated and is therefore part of the encrypted
traffic.

-- 

Regards
brd

Bernard Robertson-Dunn
Sydney Australia
email: brd at iimetro.com.au
web:   www.drbrd.com
web:   www.problemsfirst.com
Blog:  www.problemsfirst.com/blog