A Tricky New Way to Sneak Past Repressive Internet Censorship

All over the world, walls are going up around the internet.

For years, autocratic regimes have been in a race to heighten those walls, as their citizens develop taller and taller ladders. The more they filter and block, the more their citizens come up with clever technical solutions to access the uncensored truth. There is mounting evidence, however, that repressive regimes are opting to just shut down access to the open internet entirely—and that such blackouts could become permanent.

A team of cybersecurity researchers believe they have come up with a clever new way to fight back: a trojan horse. Specifically, a satellite feed designed to look like a television station, which actually carries a payload of uncensored news and information. It’s a particularly retro solution to a very modern problem.

The program, dubbed eQsat, has been tested and is ready to be put into action during the next internet shutdown—whether it’s in Russian-occupied Ukraine, Iran, or one of the many repressive regimes that regularly block internet access.

The cybersecurity firm behind the program, eQualitie, has spent years developing tools designed for civil society in countries with aggressive internet filtering. Its mobile browser, Ceno, connects users to the open internet and serves content peer-to-peer. When a particular website is blocked or throttled, Ceno grabs a copy of the website supplied by another user who can access the site normally.

Ceno’s weakness—like all peer-to-peer services—is that it still requires some connection to the outside world to deliver blocked content. During a total shutdown, Ceno’s peer-to-peer connections are severed as well.

There are some unreliable solutions to this problem. In some cases, mobile internet or Wi-Fi can be broadcast into an area experiencing an internet shutdown—there have been plans to try to broadcast a cellular or Wi-Fi signal from Finland into Russia, for example. In North Korea, balloons with USB keys attached bring news and entertainment into one of the most heavily censored countries in the world.

Most PopularGearThe Top New Features Coming to Apple’s iOS 18 and iPadOS 18By Julian ChokkattuCultureConfessions of a Hinge Power UserBy Jason ParhamGearHow Do You Solve a Problem Like Polestar?By Carlton ReidSecurityWhat You Need to Know About Grok AI and Your PrivacyBy Kate O'Flaherty

But cell signals can be jammed, Starlink terminals can be triangulated, and balloons can be intercepted. The best way to deliver information into a closed country without being caught or thwarted, Jason Roks tells WIRED, is steganography: the act of camouflaging information inside another message. And eQsat is the answer to the question “How do you blend in the most?”

Roks and the team at eQualitie rented space on commercial satellites and began broadcasting their own television channel to countless home satellite receivers throughout Asia and Africa. But should anyone be flipping through the channels, the eQualitie station will be static or color bars. Anyone who records the channel to a USB key, however, would discover that one of the audio tracks is, in fact, a compressed file. Extracted on a computer, it reveals a wealth of information.

“So this is a mechanism we developed to replenish from the outside,” Roks says. “We partnered with dozens of news organizations to, basically, take a snapshot of their websites and—very much like Internet Archive, the Wayback Machine—we keep a version of their site. And we update them daily, quarterly, whatever that basis is. And that works out to about, all those sites for Russia and Ukraine, about a gig and a half of data.” That data, once extracted, can be fed into the BitTorrent network, and can update the cache for their Ceno browser.

This tactic is pretty safe, overall. Blocking satellite signals is difficult and unreliable. Russia tested an anti-satellite weapon in 2021, but it is unlikely to deploy such a weapon on commercial broadcasting satellites. And given that the signal will be beamed out to millions of households, pinpointing who is actually accessing the trojan horse is tricky. The riskiest part of the process is uploading the information to the BitTorrent network. That’s why eQualitie has set up machines, equipped with satellite receivers, that automatically receive the broadcast, extract the hidden file, and upload the information to the network.

“We wanted to make sure that the people who are our volunteers and partners in those countries don't get exposed when they cache it into the network,” Roks says.

This elaborate operation is relatively inexpensive, costing just tens of thousands of dollars to serve a wide geographic area. But it has its limitations. It allows for only one-way communication, for starters. Roks explains that having users inside the affected country try to broadcast information back through the eQsat program would make them incredibly vulnerable. “In Myanmar they go door-to-door inspecting houses for satellites,” he says.

Roks and his team also faced difficulties finding a satellite provider willing to host their trojan horse channel. Their current provider (which WIRED is not naming, as it could compromise the security of the project) has been “easygoing” about the project, Roks says. Others were far more hostile to participating.

WIRED previously reported how European satellite operator Eutelsat is continuing to broadcast Russian propaganda networks, even as activists call for them to be replaced with independent Russia media. In Myanmar, Norwegian telecommunications company Telenor, faced with increasing demands from the ruling junta to surveil its customers, opted to sell its local subsidiary to a local buyer.

Most PopularGearThe Top New Features Coming to Apple’s iOS 18 and iPadOS 18By Julian ChokkattuCultureConfessions of a Hinge Power UserBy Jason ParhamGearHow Do You Solve a Problem Like Polestar?By Carlton ReidSecurityWhat You Need to Know About Grok AI and Your PrivacyBy Kate O'Flaherty

Roks admits that these authoritarian regimes may ultimately get wise to this tactic and find a way to thwart it. “It's always going to be a cat-and-mouse game,” Roks says. “I mean, it's never going to stop. Which is why you kind of always have to be prepared.”

Part of the inspiration for eQsat came from a 2021 paper by Steven Feldstein, a senior fellow with the Democracy, Conflict, and Governance Program at the Carnegie Endowment for International Peace. In it, Feldstein warned that temporary blackouts are likely to grow more frequent, but that permanent shutdowns could be on the horizon.

“Internet shutdowns remain a favored tactic of governments to push back against mass demonstrations, entrench military coups, or cut off conflict areas from the rest of the world,” Feldstein writes. China’s so-called “Great Firewall,” Iran’s “filternet,” and Russia’s “sovereign internet” all signal a growing shift toward state control of the internet. Governments in Belarus, Egypt, Saudi Arabia, Turkmenistan, Thailand, Myanmar, Gabon, and elsewhere are heading in the same direction.

Even as these shutdowns become more frequent—and sophisticated—“democracies are increasingly frustrated about their seeming inability to help citizens overcome internet controls,” Feldstein writes.

He identified a raft of solutions, both established and speculative. There have been plans for Wi-Fi-equipped balloons flying over Cuba or invasive satellites, and suggestions about beaming internet into locked-down countries. These solutions, however, are impractical, expensive, and are unlikely to work, according to Feldstein.

More credible have been virtual private networks (VPNs), which allow users to tunnel past state firewalls and evade government filtering; and private servers, which allow users to operate outside the controlled internet altogether.

“There remains a really robust innovation ecosystem, but probably one of the bigger problems is, even if you come up with clever solutions to evade government innovation, to what degree can you get public takeup?” Feldstein tells WIRED.

Apps like Psiphon have managed to deliver VPN and firewall-circumvention technology that is user-friendly, and it has already proved remarkably useful for users in Iran, Belarus, and Russia. Google’s Jigsaw project is also developing various tools to help civil society stay connected, and to empower independent researchers to contribute.

But this technology is already being aggressively targeted by these regimes, to great effect. And they are generally cut off when a total internet blackout or lockdown occurs.

“You become a victim of your own success: The more people turn to a particular tool, the more authorities find ways to hack into it,” Feldstein says.

Since Felstein published his paper in 2021, he says there’s been a mixed record of stepping up the campaign against this kind of censorship. Repressive nations have only become more repressive, while democratic countries have kept up but not pulled ahead. “Nobody’s really solved the problem,” Feldstein says. “In fact, it’s not a problem that can really be solved.”

Over the first 138 days of this year, digital rights group AccessNow estimates there were 80 internet shutdown incidents across 21 countries. Feldstein says that all free internet advocates can do is keep innovating. And, he says, eQsat is a prime example of that.

Roks admits their solution isn’t a silver bullet. But it’s a start, he says. “You’ve got to try and poke holes into those curtains when they come down.”

About Justin Ling

Check Also

Iranian Hackers Tried to Give Hacked Trump Campaign Emails to Dems

The week was dominated by news that thousands of pagers, walkie-talkies and other devices were …

Leave a Reply