Amazon’s hosting platform threatens to ban Signal

Amazon Web Services (AWS) is threatening to ban the encrypted messaging app Signal over a method it uses to circumvent being censored in countries with autocratic governments.

The cloud computing platform sent Signal an email last week that said the messaging app’s technique of “domain fronting” — masking its domain name to avoid being censored — is a violation of AWS’s terms of service and AWS would suspend Signal if it continued the practice.

{mosads}Many countries like Egypt, Oman, Qatar, the United Arab Emirates and Iran have all tried to ban Signal within their borders by having domestic internet service providers block its domain name. Signal began to sidestep this by disguising traffic from its app as connected to Souq.com, Amazon’s Arabic e-commerce platform.

“It is also a violation of our Acceptable Use Policy by falsifying the origin of traffic and the unauthorized use of a domain,” AWS wrote in its email to Signal. “We will immediately suspend your use of CloudFront if you use third-party domains without their permission to masquerade as that third party.”

Signal had previously relied on Google for its domain fronting to bypass bans in the countries, excluding Iran; however, the search giant has recently moved to close this loophole.

“When Google’s leadership became more aware of domain fronting, it generated internal conversations about whether they wanted to put themselves in the situation of providing cover for sites that entire countries wished to block,” claimed Matthew Rosenfield (known as Moxie Marlinspik), a co-author of the Signal protocol.

Signal grew in prominence in the U.S. when many turned to the encrypted messaging app following President Trump’s election. It is one of several encrypted messaging apps used globally, including Telegram and the Facebook-owned WhatsApp.