Uh oh. Belarus is looking and acting more like Russia.
Belarus Moves to Block Tor in Fight Against Online Anonymity
At the end of November, several Belarussian internet users began complaining to their internet providers about the apparent blocking of the Tor anonymity network.
Dear @by_velcom, what do you know about Tor not working on your network and on Atlant Telecom?
Shortly thereafter, on December 6, Belarus’ Ministry of Communications published an official statement explaining that the network had been blocked in order to restrict the distribution of illegal material on the internet, as stipulated in a new law passed in February 2015.
In this case, [the blocking of Tor] is not intended to prohibit anonymous access to the internet. The objective is to restrict access to internet resources that contain prohibited information. Access to these sites is restricted by the legislature of Belarus…Belarus is not the first state to apply this practice, to limit access to sites with information that have content aimed at the execution of extremist activities, illegal arms trafficking, narcotics, the distribution of pornography, facilitating illegal immigrations and trafficking in human beings, propaganda of violence and cruelty.
The Tor network, which developed by the U.S. Naval Research Laboratory in the early 2000s and now run by the Tor Project non-profit organization, anonymizes internet traffic, allowing users to circumvent network surveillance. Traffic is encrypted to obscure users’ identity, and passes through volunteer-run servers in multiple locations before reaching its destination.
More about Tor
The Tor network is a collection of servers located across the world, run mostly by volunteers. The network helps users connect to the Internet anonymously by sending traffic between at least three Tor servers, typically located in different countries, before allowing it to reach its destination. This makes it nearly impossible for anyone monitoring the Internet to understand where the traffic is coming from and where it is going. Tor “exit nodes” are the final set of servers used in the connection process. This is where a user’s traffic exits the Tor network and connects to the world wide web.
The Tor network facilitates special sites that allow website owners and their users to remain anonymous through “hidden services.” Hidden services have been used by criminals for nefarious activities like selling drugs, but they have plenty of legitimate, lawful uses too. Bloggers use hidden services to blog anonymously and safely. Human rights defenders share information with media by using leaking platforms in this realm. Media organizations use them for sensitive research.
Belarus first took aim at Tor in February 2015, when a decree issued by the Ministry of Communications laid the foundation for banning anonymizing services. Tor was explicitly named in the decree, though experts doubted the ability of the Belarussian state to limit the network’s use.
There is a remarkable anecdote about “principle of 15.” In order to create a system to block Tor, you will need to task 15,000 people with development, spend 15 months and $15 million dollars. And in order to crack [the system], a 15-year-old guy will need 15 minutes.
Despite the difficulty of the task ahead, the Ministry of Communications is now ramping up efforts to crack down on Tor. Members of the Tor community noted specific efforts to block Tor usage in Belarus on November 30 and December 1, with known Tor nodes being placed on a special blacklist by BelGIE, the State Supervisory Department for Telecommunications of the Republic of Belarus, and targeted for blocking.
These blocks are created through a TCP reset attack, in which the attacker tells the user’s machine that their connection to another machine – in this case, the Tor network’s public “onion router” – has been reset. This causes the first machine to immediately stop using the connection.
Yet Belarussian Tor users have found this relatively easy to circumvent. 42.TUT.BYdiscovered they could access restricted sites using the Tor browser’s default settings on December 5. Elsewhere, sites have published guides on circumventing the block, often making use of the browser’s “bridge relays.” These relays, which are unlisted in the main server directory, are less likely to be recognized and blocked by Belarussian authorities.
In general, everything on Tor-e is open. Long live Belarus!
During this period, the number of Tor direct users in Belarus dropped from 5,500 to 3,000. However, the number of users making use of bridge relays increased from 250 to 2,000, indicating a large segment of Belarussian Tor users are bypassing the block.
When Belarus first moved to pass legislation blocking Tor in 2015, Russia began to eye similar options. While Russia’s main effort at blocking Tor failed, due primarily to the withdrawal of the project’s contractor, it remains to be seen whether the Kremlin will follow Belarus’ lead or learn from its failures.