Phone News

Signal, an encrypted messaging apt for mobile devices had its service blocked in Egypt and UAE.

Now Signal have responded by making a new release available to those territories that should make the censors thinks twice before reaching for the block option.

The new Signal release uses a technique known as domain fronting. Many popular services and CDNs, such as Google, Amazon Cloudfront, Amazon S3, Azure, CloudFlare, Fastly, and Akamai can be used to access Signal in ways that look indistinguishable from other uncensored traffic. The idea is that to block the target traffic, the censor would also have to block those entire services. With enough large scale services acting as domain fronts, disabling Signal starts to look like disabling the internet. When users in the two countries send a Signal message, it will look like a normal HTTPS request to www.google.com. To block Signal messages, these countries would also have to block all of google.com.

Update: Cuba and Oman

1st January 2017 See  article from engadget.com

Signal , the messaging app that prides itself on circumventing government censorship, has a few new places where its flagship feature works. Last week it was Egypt, and now users in Cuba and Oman can send messages without fear of them being intercepted and altered by lawmakers.

Google Play and Apple have banned an app designed to help women obscure nudity when posting images online.

Model Melina DiMarco has designed an app called Nood to provide simple stylised lady parts to post over your own, to get round censorship rules on nudity. She claims other options for censoring photos, for example black bars and crosses, encourage the sexualisation of the female form. DiMarco said:

It's a photo editing app where you can upload a photo and put illustrated nipples over your nipples and an illustrated vagina over your vagina.

As a woman and as a model I don't quite understand why my male counterpart can post freely on social media but I cannot. Nipples are nipples, there's no difference. Female nipples, male nipples, they're all the same.

However the App Store and Google Play Store claim her app promotes explicit content Apple claimed the app includes content that many users would find objectionable and offensive , while Google says we don't allow apps that contain or promote sexually explicit content .

Kryptowire, a security firm, recently identified several models of Android mobile devices that have preinstalled permanent software that serves as backdoor collecting sensitive personal data, including text messages, geolocations, contact lists, call logs, and transmits them to a server in Shanghai, China.

Without users' consent, the code can bypass Android's permission model. This could allow anyone interested in a mobile user's data -- from government officials to malicious hackers -- to execute remote commands with system privileges and even reprogram the devices.

The firmware was developed by Chinese company Shanghai ADUPS Technology Company. ADUPS confirmed the report with a bollox statement claiming that it was somehow to do with identifying junk texts.

Kryptowire's research reveals that the collected information was protected with multiple layers of encryption and then transmitted over secure web protocols to a server located in Shanghai. The data transmission occurred every 72 hours for text messages and call log information, and every 24 hours for other personally identifiable information.

ADUPS also explained that the "accustomed" firmware was 'accidentally' built into 120,000 mobile products of one American phone manufacturer, BLU Products. After BLU raised the issue, ADUPS explained that the software was not designed for American phones and deactivated the program on Blu phones.

The news has been widely reported in foreign media as ADUPS is among the largest FOTA (firmware over the air) providers in the world. The company provides a cloud platform for mobile device management to over 700 million active users in 200 countries, which is equivalent to 70% of the global market share as it works closely with the world largest cheap mobile phone manufacturers ZTE and Huawei, both of which are based in China. In 2015 alone, Huawei sold more than 100 million smartphones.

Chinese netizens have not been surprised by the news. Reports about spyware preinstalled in Chinese mobile brands have circulated for many years among mainland and overseas Chinese speaking-communities. In 2014, Hong Kong Android Magazine reported that Xiaomi's smartphones designed for overseas markets were automatically connecting to an IP in Beijing and that all documents, SMS and phone logs, and video files downloaded were being transmitted to a Beijing server.

In 2015, Germany-based security company G-Data also found out that at least 26 Android mobile brands had preinstalled spyware in their smartphones. The three biggest Chinese smartphone manufacturers, Xiaomi, Huawei and Lenovo were all listed.

China's newly passed Cybersecurity Law has provided legal ground for the smartphone's backdoor operation. The law requires "critical information infrastructure operators" to store users' "personal information and other important business data" in China.

In response to the news, many Chinese netizens are pointing out the abusive use of personal data and government surveillance has become the norm.

Iran's internet censors has banned the world's most popular mobile game. The country's High Council of Virtual Spaces banned Pokémon Go on Friday, citing bollox about security concerns.

Pokémon Go has not yet been released in Iran, but residents have downloaded the app via unofficial channels such as VPNs.

The augmented-reality game requires players to search the world for pokémon, small animated monsters, that they then catch.

After blocking more than 400,000 websites for supposedly objectionable material, now Pakistan Telecommunication Authority (PTA) is considering to restrict porn sites on mobile handsets also.

Censors said that the authority has received complaints that porn sites are accessible on internet. Whether you access internet through personal computer or mobile phone the law is same; objectionable sites are banned in country, a censor said. He said authority has received complaints that adult content is accessible on almost all the major telecom networks:

We are investigating why it is available on mobile phones, but I think mobile service providers are using VPN.

According to sources in industry, telecom service providers are not blocking porn content due to business considerations. Browsing websites may only consume some megabytes but if you download or watch some movie the data consumption is in gigabytes, a source said.

According to experts, PTA will direct all the telecom operators to establish Internet Exchange Point (IXP) to facilitate the local internet traffic to remain local and block the supposedly objectionable sites.

The NSPCC has demanded that the makers of Pokemon GO introduce child safety features before the game is released in the UK. Peter Wanless, the chief executive of the children's campaign company, whinged:

Given Pokemon's already massive popularity with children, the NSPCC is concerned that basic safety standards appear to have been overlooked.

I urge you to urgently reassess your app and its security and safety features.

We all have a responsibility to ensure that children are protected and as creators of a game with substantive reach, you have a weighty responsibility to protect your young users.

The game lets players capture virtual cartoon animal-like creatures on their phones, as they wander around the real world.

There have been scare stories, though, of criminals using the game to lure players to remote locations and to rob them. In another instance, players following digital trails were directed to a sex shop.

The Chinese government is taking up new censorship measures to root out what it claims as undesirable content in mobile games.

Under the new set of procedures released by China's State Administration of Press, Publication, Radio, Film and Television (SAPPRFT), all mobile games released in China going forward must comply to an extensive set of rules and be submitted for review 20 days in advance of the game's release date. The country already has tight regulations on PC-based games and console games, so the new regulation extends that stronghold farther.

As for the numerous games already released in the Chinese market, they too are subject to the new guidelines, and the agency intends to retroactively approve these games with a submission deadline set for October 2016. If a game has not applied for approval by October 1st , it will be shut down.

Poised to take effect on July 1, 2016, the new restrictions are applicable to all downloadable or Internet-connected games on smartphones and other devices. But they are not necessarily limited to the gaming segment alone.

China has released a new set of oppressive rules that require all mobile app users as well as the App Store to have a real name registration and to maintain activity logs from users for a period of 60 days.

According to Reuters , the Cyberspace Administration of China (CAC) wants to get a full censorship grip on the rapidly expanding app market.

According to the South China Morning Post, the new rules cover information services through mobile Internet apps as well as app store services on the Chinese mainland.

Based on the new rules, users are required to register their real names with the app provider before they will be allowed a public alias or username.

The app provider then verifies all the information collected by mobile numbers or any other means. They are also required to regulate accounts or user profiles that violate the rules on the publishing anything that the state does not like.

A anonymous app operator commented to the South China Morning Post:

Many users like to comment on social and political news on live-streaming and news apps. Now they will need to think twice before making any comment that authorities could claim spurred public scares or rumors.

\Microsoft has announced that Windows Store apps face removal if they are not updated for the International Age Rating Coalition's (IARC) rating system by 30 September 2016.

The new IARC rating system was introduced by Microsoft at the start of the year as a way to simplify the age rating process. Developers must fill in a questionnaire with general descriptions of age related issues. Software will then generate age classifications for each relevant region, including the Entertainment Software Rating Board (ESRB) for North America, Pan European Game Information (PEGI) for Europe and the Classification Board (ACB) for Australia.

It is expected that many apps will be culled more for being no longer maintained, rather than any refusal to provide the required rating information.

Following Utah's resolution claiming pornography to be a public health crisis, a lawmaker is drafting bills to mandate anti-porn filters on cellphones and computers at public libraries.

Senator Todd Weiler, a Republican, said he is drafting legislation that would require cellphone makers to install porn-blocking filters on their devices, which would be removed if it's verified the owner is over 18.

Senator Weiler author of Utah's anti-porn resolution called it backwards that parents have to purchase and install filtering software on a child's phone, when manufacturers could make it a feature of the device.

The senator is also drafting legislation that would require public libraries to install porn-blocking filters on computers to prevent minors from accessing adult-oriented sites on the internet.

The Utah Library Association expressed concerns about the proposed legislation. Dustin Fife, the president of the ULA, said most libraries have some form of filtering in place to qualify for state and federal funding and said Sen. Weiler's bill would be redundant. Fife said the ULA had concerns that filtering would block legal and useful materials protected by the First Amendment that some consider objectionable. He said libraries are places of inclusion, rather than exclusion. Fife added:

Libraries have a great duty to support their communities and to promote a diversity of thought, information, and dialogue. Be wary of any law that limits that traditional role. When it comes to the rights of parents and the First Amendment, only incredibly finite and thoughtful laws should be passed in order to avoid chilling intellectual freedom and promoting censorship.

Messaging app WhatsApp has announced that it has added encryption for all voice calls and file transfers for all users.

It renders messages generally unreadable if they are intercepted, for example by criminals or law enforcement. No doubt if the security services throw all their computing might at a message then they may be able to decrypt it by brute force.

The Facebook-owned company said protecting private communication of its one billion users worldwide was one of its core beliefs . Whatsapp said:

The idea is simple: when you send a message, the only person who can read it is the person or group chat that you send that message to. No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us.

Users with the latest version of the app were notified about the change when sending messages on Tuesday. The setting is enabled by default.

Users should be aware that snoopers can still see a whole host of non-content data about the communication, such as who was using the app, who was being called, and for how long.

Amnesty International called the move a huge victory for free speech:

Whatsapp's roll out of the Signal Protocol, providing end to end encryption for its one billion users worldwide, is a major boost for people's ability to express themselves and communicate without fear.

This is a huge victory for privacy and free speech, especially for activists and journalists who depend on strong and trustworthy communications to carry out their work without putting their lives at greater risk.