Amazon pushes Signal creators to change their anti-censorship tool

For years, Open Whisper Systems has used clever tricks to circumvent censorship of its Signal messaging app on the part of countries trying to silence political dissent. Those methods are getting it into hot water, however. Amazon has warned OWS that Signal's anti-censorship system violates AWS terms of service not only hiding the true origins of its traffic, but by using a domain it doesn't have the rights to use -- namely, Amazon's own Souq.com. The chat service doesn't have permission to use Souq's internet domain "for any purpose," Amazon said.

The message warned that Amazon will "immediately suspend" OWS' access if it continues the practice. OWS unsurprisingly disagrees with Amazon's stance, arguing that it isn't disguising the origin of traffic when users connect to Amazon's service. It's also using its own web security certificate.

However, the company is more concerned about the lack of viable alternatives. It chose AWS for its anti-censorship tool precisely because it was one of the few major options left that would let Signal avoid a data handshake that revealed the true nature of the traffic, giving censors an easy target. Google made changes to its system in early 2018 that forced OWS to abandon its cloud services, pushing it toward Amazon.

Unless Amazon has a change of heart, OWS might not have much of a choice -- it believes its current technique is "now largely non-viable" for those countries where it's used, such as Egypt, Oman and the UAE. This doesn't completely rule out circumvention, but it could take time to come up with a "more robust system" given the developer's small size. While Amazon may have valid security reasons (it doesn't want clients that set out to deceive users), this could have serious ramifications for residents of affected countries that may either have to accept the likelihood of government spying or go without messaging.