A leaked document purportedly originating from Russia’s Ministry of Transport reveals the government’s intensified efforts to combat encryption tools used for circumventing surveillance and censorship measures. This leak unveils a list of numerous VPN services targeted by the government, along with the inclusion of the open-source encryption protocol Shadowsocks for the first time.
Shadowsocks, renowned for its efficacy in bypassing firewalls, particularly in China, has now become a focal point of Russian authorities’ crackdown on encryption tools. This development underscores the government’s escalating efforts to monitor and control online activities, posing challenges to individuals seeking privacy and unrestricted access to information.
As Russia continues to tighten its control over encrypted communications and tools capable of circumventing government censorship, recent confirmation indicates that 167 VPN services are actively blocked for non-compliance with state regulations.
This number is anticipated to increase in the coming months, as revealed by a leaked document originating from Russia’s Ministry of Transport. Dated November 10, 2023, the document outlines plans by the telecoms watchdog Roscomnadzor for the immediate future.
The document, initially circulated on the ‘ZaTelecom’ Telegram channel, was later reported by local news outlet Kommersant. Despite attempts to elicit responses from the Ministry and Roscomnadzor, neither provided comments.
The first page of the letter requests input from organizations currently utilizing any of the VPN services or protocols listed on the second page. This move underscores the government’s concern over potential threats to the stability, security, and integrity of Russian telecommunications posed by these technologies.
The text strongly implies that the services and protocols listed are viewed as potential threats to the “stability, security and integrity” of Russian internet/information systems and telecommunications in general.
A more pragmatic reading might conclude that the services and protocols present zero technical threat, but do limit the government’s ability to control the narrative. That narrative includes claims that encrypted communications represent a threat to the stability of the internet, which of course they do not.
Dozens of VPNs, Famous Protocol
The letter’s second page is a 49-item list containing the names of well-known and lesser known VPN services. In the order they appear, some of the most notable inclusions are Private Internet Access (PIA), Ivacy Private VPN, PrivadoVPN, and PureVPN.
When a VPN appears on list like this it usually indicates a refusal to cooperate with Russian authorities, such as granting permission to inspect user data, communications or whatever else is on the government’s mind at any given time.
In that sense an appearance might not be as damaging to a VPN’s image as some might expect, quite the opposite in fact. That being said, item 49 on the list above shows that Russia intends to crack down on Shadowsocks, a protocol that in itself cannot be forced or coerced into compliance.
Shadowsocks
Shadowsocks is an open source encryption protocol created over a decade ago by a Chinese developer known as “clowwindy” and is perhaps best known for its anti-Great Firewall capabilities.
On a basic level, Shadowsocks clients offer a way to connect to SOCKS5 proxies securely using an encrypted tunnel. As standard it isn’t a VPN and more importantly doesn’t look like one to those hoping to shut VPNs down. People behind these projects are more easily identified, however.
Developers like clowwindy can find themselves under extreme pressure to behave in a particular way. The original Shadowsocks repo on GitHub reveals that even the most robust protocols can be ‘Removed according to regulations’.
Fortunately, the Shadowsocks genie is never going back in the bottle; perhaps Russia forgot to ask China about that one, or simply believes it can do better. The theory is that Russia plans to draw up a whitelist of organizations that use the services above in a government approved way, so they don’t find themselves inadvertently blocked. That may suggest the government has something aggressive in mind or perhaps faces limitations when it comes to pinpoint blocking.
