torsdag 22 september 2016

The FSB wants to decipher Russia’s Internet traffic


September 21, 2016

In the framework of implementing Russia's new anti-terror legislation, the so-called Yarovaya's law, the country's Security Service - the FSB - is discussing the possibility of decoding and analyzing the Internet traffic of Russia's citizens with the Ministry of Communications and the Ministry of Industry, reported the newspaper Kommersant on Wednesday, citing several informed sources.

The FSB, said the sources, is considering decoding all Internet traffic in real time and analyzing it based on key parameters. According to the plan, the other agencies would offer assistance in further deciphering the traffic of those users who attract the attention of law enforcement.

One of the methods by which the FSB may choose to actualize its plan involves the installation of MitM-attack (Man in the Middle) equipment. Such equipment, said the source of the newspaper, intercepts and decrypts traffic as it leaves the server and re-encrypts it using an SSL-certificate issued by the Russian Certification Authority before forwarding it to the user. The FSB may also choose to use DPI systems (Deep packet inspection), which are now used by Russia's operators to filter websites included on the list of banned websites compiled by the country's Internet surveillance watchdog Roskomnadzor.

The Ministry of Industry declined to comment upon being contacted by the Kommersant, and the FSB and the Ministry of Communications have yet to respond to the newspaper's request.

Russia's new anti-terror law, spearheaded by Duma deputy Irina Yarovaya and Federation Council member Viktor Ozerov, grants the government sweeping new powers to combat broadly-defined terrorism and extremism, and saddles Russia's telecoms industry with onerous new regulations that include storing copies of all telephone and Internet conversations.