Signal

We knew it would happen. We told you so! You need to divert funds and development immediately into a decentralised servers model and add federation. Or this will domino...you know it !!!

It's trivial to block several distributed hosts simultaneously. An aspiring censor would simply find the most common federated endpoints for a given service and block all of them. Only the users of that software would be affected. There wouldn't be any collateral damage.

So fully distribute it. Complete mesh network. They cannot block billions of IPs across the entire world.

Exactly that. Release the server code

No, I am saying it needs to be a full P2P mesh application. No servers at all.

Could you make a script and a license agreement that users can upload to their own servers that allow you to use their domains for domain fronting?

Reasonable idea, but really they would have to be big enough that the censors are scared of banning them because of how obvious it is. That's why google and amazon's sites were perfect.

Do these countries also block Facebook, or some Facebook users from using the integrated signal protocol/private messages?

Oof. This tweet is misleading for what actually happened, as indicated in the article. You’re masquerading as an amazon owned domain without their permission. I mean, this was the obvious end result.

This is not *really* about violating the AWS terms of service, though. This is about Amazon not wanting to become collateral damage (ie, lose business) if http://Souq.com  gets blocked in UAE, Oman, etc because of this.

1. Clear text request: "Hello, I would like to speak TLS with http://souq.com " 2. Clear text response: "Why yes, let us do that with these parameters" 3. Encrypted request: "Please give me the page for http://signal.org/api/whatever "

Lol if you think that “not really” violating the terms is defensible. Skating around SNI and reverse proxy quirks is obviously going to be a tos violation, because they’re the ones who write the terms.

My "not really" was about the real reason for the letter from AWS (ie, that they don't want to lose business), not insinuating that Signal was not breaking the ToS. Signal's not a bot net or something. AWS could have easily looked the other way.

Anyways, this reminds me of something you said about Twitter a few years ago, that it's a shame that at the end of the day Twitter has to provide shareholder value. Same with AWS here. Good thing people in the Middle East can still buy cell phone covers and vape juice from souq!

And when souq gets blacklisted?

Or the government there puts the pressure on souq? This wasn’t just an issue between amazon and a customer that could be overlooked, but amazon and two customers.

for starters, you should move your domain and your DNS somewhere you won’t have to worry about getting de-platformed. Like here. You can actually manage your Route53 DNS from our control panel and still have latitude if they cut you off: