Russia’s assault on Telegram the first salvo in its war against encryption
While Putin’s regime has long controlled the traditional television and other mass media, we are now witnessing a new chapter in Russian state control. On Friday, Roskomnadzor, Russia’s communication agency, asked courts to block access to Telegram, a messaging app similar to WhatsApp.
Telegram was created by Nikolai and Pavel Durov, who refused to provide the government with encryption keys, or an equivalent backdoor. Providing such a backdoor would have allowed the Russian state to have monitored every text or call using Telegram, possibly in real-time, by users in Russia and abroad.
{mosads}And while Telegram is on the firing line right now, WhatsApp, Facebook, Google, LinkedIn, Viber and other companies are all in the sights of the Kremlin as well. Telegram was likely selected as it is smaller, possibly an easier target and heavily used by opposition parties. If the Russian government can either block the app entirely or force Telegram to hand over decrypted messages, it will send a clear message to the bigger operators.
Forcing messaging companies to hand over their keys or provide backdoors and relocate user data ultimately has little to do with preventing terrorism or protecting the Russian people. If the current regime was truly interested in that it would focus on the basics, like the enforcement of fire codes that could have prevented the ghastly shopping center fire in the Siberian city of Kemerovo in March that killed dozens, or even getting to a true accounting of the now buried “terrorist” apartment bombings in 1999.
What is really happening here is that the Russian state is striving for ever more complete domination over mass media and the Internet. This step is simply the latest in a series of moves clamping down on any communication channels that cannot be intercepted and monitored.
End-to-end encryption on smartphones, tablets and laptops, where only the users have the encryption keys, effectively blocks state spying. In the post-modern world, whoever controls the keys and the certificates that secure communications holds all the cards. And Telegram’s real sin is that it gives that power to individual Russian citizens, not the Russian state.
Fortunately, the US, UK and other Western governments have so far resisted the siren call of perfect information and have held back from mandating similar backdoors. As cyber security experts have warned, any “exceptional” access for law enforcement will almost certainly create vulnerabilities that could be exploited by criminals or other nation states, making us all less safe.
As Aliaksandr Herasimenka wrote in February, opposition leader Alexi Navalny unpleasantly surprised the Kremlin with his ability to politically organize en-masse across Russia using VK and Telegram, equivalent to FaceBook and WhatsApp in the US.
And while the Ukrainian Orange Revolution may be slipping out of the West’s collective short-term memory, it is still the primary threat to the survival of Putin’s regime. Blocking encrypted messaging chokes off a powerful communication channel and makes future political organization by the opposition far harder.
To the extent that the Russian government is successful here, the added danger is that organized criminal groups, potentially with contacts within the state, also gain access to private conversations. These risks are dark and deeply troubling and recent cyber security history doesn’t offer much comfort that such risks will be successfully mitigated.
Looking ahead, it is increasingly possible to discern a future world dividing into countries that are digitally free and those no longer free. Russia is joining Iran and China, where people are locked behind a constantly evolving cyber wall that attempts to block out the world beyond the same way that the Berlin Wall did before 1989.
The silver lining is that technology, and the Internet especially, is a very slippery and constantly changing beast. Governments can choke off apps and channels one-by-one, but talented programmers will always create another.
Other end-to-end encryption apps, for example, Signal, an open-source messaging app created by Open Whisper Systems, are waiting in the wings. And as more web traffic is encrypted by default it will become harder over time for authoritarians globally to control and monitor the flow of information.
Finally, Putin has clearly not learned the deeper lessons of the Cold War. Paradoxically, the core strength of the West does not ultimately derive from military hardware or economic numbers. It comes instead from a less tangible source: a highly productive, free and empowered population turned loose with opportunity, with fate firmly in their own hands. And on that score Russia continues to be the backward nation, lost in the mists and myths of the past.
Broderick Perelli-Harris is the senior director of solution architecture for Venafi, a cybersecurity firm focused on the security and protection of machine-to-machine communication.
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. Regular the hill posts