How the Russian Internet Censor Banned Itself
Censoring the internet is as difficult as it is futile, and Russian internet users have convincingly demonstrated this to the government this month by turning its website-blocking system against itself.
During President Vladimir Putin's third term, which began in 2012, Russia has significantly stepped up attempts to purge the internet of "extremist" views. But the Kremlin doesn't have an equivalent of China's "Great Firewall," which controls the internet through the gateways between the national segment and the rest of the global network. Instead, internet providers are required to block the sites on the blacklist of the regulator agency Roskomnadzor.
Internet providers are not legally required to use a specific blocking method -- such as deep packet inspection which analyzes data that passes through the internet for undesirable elements -- so many of them, including large cellular operators, merely block any IP addresses linked to a banned web address. In recent days, this peculiarity of the Russian system has led to an effective anarchic protest against censorship.
Instructions have spread on social networks on how to block virtually any site. First, turn the blacklist into a shopping list, and buy up or re-register domains that are no longer in use. Then, link those sites to government IP addresses to trigger an automatic blocking. It worked spectacularly well. The national cellular operator BeeLine, for example, promptly shut down access to many sites, including bank payment servers and pro-Kremlin media outlets such as Life.ru and NTV.ru. Even Roskomnadzor, the keeper of the blacklist, ended up blacklisted. According to Alexander Litreev, a St. Petersburg developer who runs a cybersecurity channel on the Telegram messenger, more than 30 percent of Russian users were at some point affected by the blockages.
This presented a problem for Roskomnadzor, but not for the obvious reason that bank transactions weren't going through for many people. To address complaints, the censorship agency merely put out a press release blaming providers and saying it would all be fine if Roskomnadzor could dictate the blocking method. The real problem was that Putin's annual "direct line" with voters -- a major event with questions collected through the internet and the resulting multi-hour marathon broadcast online as well as on TV -- was scheduled for June 15, and the owners of blacklisted domains had the power to block it.
So at first, Roskomnadzor's regional agencies sent out to providers a whitelist of more than 2,000 domains that were not to be blocked even if they were linked to a banned domain. Gov.ru and Kremlin.ru, the domains for the government and the presidential office, were at the top of the list. It also included all the variations of "Google," making it possible to register a site like BlowUp.Google.AllahAkbar.org and avoid being blocked. It wasn't a great solution, especially since providers weren't obliged by law to implement the whitelist, and most wouldn't bother merely to avoid the hassle of deactivating it once it was, inevitably, recalled.
On June 9, the censorship agency came up with a better solution. It sent out a letter to providers, saying that up until June 16 -- the day after the Putin event -- they were to block only the specific IP addresses on the blacklist and not the ones to which traffic from them was redirected. It promised not to penalize providers for softening censorship in this way.
The censors will eventually solve this particular problem, perhaps by weeding out inactive domains from the blacklist so it won't be as easy to buy them, perhaps by pushing through legislation that would give them more power to tell providers what blocking technology to use. Last week, a bill was also introduced in the Russian parliament that would limit the use of anonymizing software to bypass the blacklist. After all, since Putin's re-election in 2012, the number of Russian users of the anonymizing Tor network has grown from some 20,000 a day to more than 200,000.
But the bans are a game of whack-a-mole. Having tasted relative internet freedom, Russia is less accepting of censorship than, say, China. As the whole world knows now, it also has a large, inventive hacker community that doesn't have much respect for restrictions, foreign or homegrown. Exploiting the Roskomnadzor flaw didn't require any hacking expertise, but if it's required as the censorship grows tighter and more sophisticated, it will be applied.
This column does not necessarily reflect the opinion of the editorial board or Bloomberg LP and its owners.
To contact the author of this story:
Leonid Bershidsky at firstname.lastname@example.org
To contact the editor responsible for this story:
Mike Nizza at email@example.com