Amazon threatens to cut off Signal encrypted chat
Signal is a favorite app of dissidents and protestors worldwide, as seen in a 2017 Berkeley, Calif. protest. Photo: Elijah Nouvelag via Getty
The encrypted messaging app Signal said Tuesday it had been threatened by Amazon's cloud division after disguising Signal traffic as an Amazon site.
Why it matters: The Signal app, like most apps, used a trick called "domain fronting" to circumvent censorship measures by countries like Iran. Amazon banned domain fronting on Friday, leaving Signal and countless protesters worldwide in the lurch.
How it works: Apps running in the cloud can make it appear like their traffic comes from other servers using the same cloud infrastructure.
- Domain fronting makes it impossible to filter out a single app from the rest of the apps and websites using the same cloud.
- Amazon said appearing to come from an Amazon-owned domain violates Amazon Web Services' terms of service, according to Signal.
What they're saying: "The idea behind domain fronting was that to block a single site, you’d have to block the rest of the internet as well. In the end, the rest of the internet didn’t like that plan," Signal wrote in a blog post.
Amazon did not immediately respond for a request for comment.