Get best of the week

Former TJ editor-in-chief about letters from the FSB: there will be a story of "Durov 2.0", but Habr will become the headliner

Yesterday, the former chief editor of TJournal, Nikita Likhachev, posted a couple of long audio messages in his telegram channel, almost a podcast where he tells what he thinks about the ORI registry, letters to major Internet services from the FSB and Habr's place in the whole story. I know, on Habré they like reading more than listening, so I took the trouble to decrypt the record. This thought seemed interesting to me. Under cat reading for 5-7 minutes.


Photo from Facebook Likhachev

If someone is easier to listen to the recording, then Nikita posted it in two parts in the channel " Radio room Likhachev ." Next is a transcript of his words.


I decided for a big reason to resume the section of irregular audio messages / podcasts in my Radio Room, which was originally created as a place where you can throw off long audio messages when I think and reason. There is a topic that, it seems to me, will develop in the next few months, and maybe even years. Yesterday it was covered in detail in Medusa and The Bell. The FSB began to request from Internet companies that own services where users communicate, round-the-clock access to user data. Specifically - to messages, calls and any communication that occurs between them. And she began to request back in August 2019. She sent letters to representatives of companies and services that are included in the register of information dissemination organizers, the so-called ARI. And asked not to divulge the factthat she sent letters to these companies under the pretext that this violates internal rules, including, probably, some federal laws on communication with special services and bodies that conduct search activities.

In short, the FSB asked the companies and services to quietly implement a round-the-clock monitoring of users. Here's the interesting thing: for half a year, none of the companies spoke about this. Now it is not very clear whether one of them agreed to do this or not. But at least the fact of conversations or meetings with the FSB, which were described in these letters, was not disclosed.

In these letters it was said that you can drive to the FSB office in Lubyanka to discuss this topic, or the FSB will arrange a meeting at the appointed time and will arrive at the company’s office itself. As I understand it, the FSB officers were ready to come to those who are better, and the rest can be called to their carpet.

The first interesting twist is that the ARI appeared back in May 2014. Then it was widely discussed as the "law on bloggers." No one understood why it was adopted and whether it would act in any way. For its implementation, there were not enough by-laws that would regulate which bloggers and how they should transmit information, what information, etc. Then it seemed that they took up the bloggers specifically, because they also introduced their registry. It seemed that they took up specific bloggers, and some thought that this law was specifically against Navalny. This law, unfortunately or fortunately, did not take effect - it just flew in vain. At the moment, it seems that about him completely forgotten. Six years have passed, and things are still there. As far as I know from communicating with different people, everyone perceived him as an incompetent law. Unclear,why was it adopted. It seems that someone said: we need a law that would regulate bloggers and create a specific registry for them.

But in parallel with this, a law was passed which prescribed the concept of information dissemination organizers and created a register. Vkontakte made the first point there. Later, other major services were introduced there, but in six years only 200 of them appeared there. Among the media there was only Roem . And then, he could have entered there himself, but this must be clarified by Yuri Sinodov.

Habrahabr was introduced with Roem at about the same time. Of the major communication services there were Yandex.Mail , Mail.ru , Yandex.Disk , Mail.ru , Odnoklassnikiand a couple of instant messengers. Including "messengers for cryptographers" like Threema. And then everyone started talking: “since Threema got into this registry, it means it is giving data to the security forces.” With great efforts, Telegram was introduced there in 2016, there was a big scandal.

The registry is formed on the principle "ILV comes to the service, sends a letter" dudes, we need some data from you "." And if the company provides them, it is entered into the register. ILV itself did not add anyone to this registry, as far as I know, in any case, without consent, it did not.

Durov got into the position “we don’t want to enter this registry if you want our registration data in the public domain.” And then everything seemed to be done as part of a tacit agreement with the FSB, which then demanded keys from the Telegram. I couldn’t get the keys; Telegram didn’t make contact. Then they decided "we’ll add it to the registry, and then we’ll think about what to do with it." As a result, they made it, but it seems like no keys to it were received.

Apparently, for most other services, the situation was the same. Since 2014, 200 services have been introduced there. And it seems that nobody did anything with these organizers of the dissemination of information. Despite the fact that since July 1, 2018, according to the “Spring Law”, all these services that were in the register of information dissemination organizers had to transmit data on how their user communicates, message content, etc. But no by-laws and other documents that would regulate the transfer of information - how it should be transmitted and to whom - so it was not accepted.

And it turns out that around August 2019, as the sharp-sighted Meduza pointed out , at the height of the protests, letters from the FSB were sent to various companies. Including Avito, Habr and several more. Medusa lists them, but does not mention them - I suspect that these are some not very well-known services. In the ARI registry, there are simply no bastards with services that are not very clear in terms of scale, whose users are not interested in monitoring.

The advantage is that in the five years since the adoption of the law on the organizers of the dissemination of information and in the year since the "Spring Law" has already begun to operate, these by-laws have not been adopted. But in fact, a political decision was not made, who will produce and supply equipment that will be used to monitor the users of all these services around the clock. Laws imply the purchase of a huge amount of expensive equipment and the maintenance of this equipment, and maybe even payments for processing traffic on the volumes of Internet providers. Someone had to make money on the production of this equipment - this is a rather large, tidbit, gold mine, which many wanted to process. A lot has been written about this. I got the feelingthat there is competition and there is an undercover struggle between major suppliers, and someone must win it. A political decision must be made, saying that this company determines how this equipment should look like (maybe it will produce it). In theory, everything should be centralized in the hands of a large giant like Rostec or Rostelecom, or someone else who is close to the Ministry of Communications and the Presidential Administration, for example. Someone had to control this and explain how everything should work. Obviously, the dudes who wrote the law just don't know how this should work. Plus, they simply may not have a direct relationship to the fact that this equipment is technically regulated and to determine the supplier who is able to make it. Maybe this equipment is not in nature. In my opinion, in the expert community there is a lot of talk aboutthat, in principle, there is no such equipment yet and it needs to be produced.

In 2019, there is no equipment supplier. But the FSB begins to send letters: dudes, come to us at Lubyanka, let's talk about how you will install the equipment - we have an order from the center of something there at the FSB, which is the basis for you to come to us and started to install it on their servers. I wonder why this happened in the midst of protests. Apparently, someone on the background of what was happening suddenly realized: guys, but we have access to see who organizes the protests there at all? And what kind of people are they in general? But it turns out that there is no access. That is, there is conditional access: you can request billing calls, SMS from operators. But they all use these messengers! They all sit on social networks that are encrypted. And they may not have any equipment installed at all,which would allow at least something to monitor.

Plus, another factor is that all polymers have been emitted - the largest foreign services, including WhatsApp Facebook, Instagram or Twitter, are not in this registry. It turns out that only Russian services (and not all) are registered in this registry, and no one came to install the equipment.

Judging by the publications of Medusa and The Bell , they nevertheless came to someone and demanded to install this equipment, and at the expense of the company itself. Everything looks, to put it mildly, not very rosy: they force you to monitor your own users, spend your money on installing equipment, and also figure out how to configure this equipment and where to get it. It is not said, however, who did this, but it is clear that a lot of money is needed for this equipment.

The problem is that you can come to individuals and companies. But how to make sure that if not the entire audience, then its significant part is covered in terms of the variety of needs for using managers and other communication tools - it is not very clear. How to get everyone to register in this registry ORI no one understood. And so the FSB, apparently, decided to follow the path of direct contacts: send letters to everyone, and go talk to them directly. And at the same time make sure that they have not yet told anyone about it. Judging by what is happening, the only public service that did not agree to such requirements is Habr, who first re-registered as a Cyprus legal entity and it seems like (now I can be wrong) he moved the equipment abroad and issued a reportabout how requests from government agencies are handled. In short, according to the law, requests must be made accurate to the press and the availability of an electronic digital signature, if an email. Everything should be clearly indicated there. And it seems like they (Habr) do not give out all the data and do not answer all the requests. There was not so much justice for the sake of requests to them - in the region of 16 pieces for 2019. And in most cases, these were “normal” requests. In some cases, Habr even helped, for example, banned a user who spammed about online casinos. In some cases, Roskomnadzor, as usual, requires blocking access from Russia to the 2014-2016 article. And in principle, does not explain why access to it is closed. Unfortunately, from the point of view of interaction between Roskomnadzor and the media, this can already be said to be normal practice.In many cases, you yourself can understand why access to the article is denied. It is clear where the legs grow from the ban on articles on how to print a gun on a 3D printer - the Ministry of Internal Affairs is dealing with its understandable issues.

For me, the main trick is that the history of Durov 2.0 will be repeated in the coming months and, possibly, years. Only this time Habr will be its headliner. Judging by what is happening, the guys prepared to transfer their sphere of interests to the international plane: both the legal entity in Cyprus and habr.com registered, made an English version. And, of course, since they are almost the only ones among the services in the ARI registry, with the exception of Telegram, who are not going to fulfill these requirements, they will look in the eyes of international media as a resource that was forced to leave Russia due to the actions of the security forces. If they are also blocked (which is quite likely if they refuse and take a pose), when entering the international market the image of such dissidents persecuted by the FSB,but advocating for users and the security of communications [will play into their hands]. Probably for Denis Kryuchkov (deniskin) and the whole team this way looks very logical, given that Habr is a community of programmers, among whom there are many privacy champions who are sensitive to the fact that other people, especially security officials, monitor their data.

It would seem that Habr is a place where programmers communicate about code, work and rarely speak on political topics. In principle, all the way Habr existed in an attempt to ban or limit political discussions on the site. But there is a large proportion of users, including programmers, who sometimes like to “quit the smoking room” and discuss, “what is there on politics with us, and who is to blame and what to do?” This is a rather massive community, pretty noticeable dudes, they have a lot of user investigations ... a pretty friendly community is one of the few so dense and so noticeable communities in Runet.

The second tsimes, which, probably, few people notice and, perhaps, actually does not look quite the way I perceive. In the last six months or a year, firstly, a "law against Apple" appeared, which forces manufacturers of smartphones, computers, smart TVs to preinstall "strategically important Russian services" on imported equipment. In fact, this is a way to get hundreds of thousands and millions of application presets for large companies absolutely free. To get on this list, you need some curator in the presidential administration to approve you as a reliable partner and a worthy Internet company. And we do not have many such companies. But there is never free cheese. I think getting on this list is a barter in exchange for something else. For example, for the fact that you will supply for your money equipment that the FSB needs.

From a recent one, Putin announced in a message to the Federal Assembly that an accessible Internet program should be made. That is, access to some services should generally be free. That is, the costs of providing this access should be borne by Internet providers. And companies that do these services for free will get traffic growth - simply because people will start using the services, even if they don’t have money to pay for the Internet. It looks like Runet support, but who will pay for it?

None of the companies can comment on this and say whether negotiations were conducted at all and how successfully. Roskomsvobodaat the time when this law was adopted, she said: if the service was added to the list, then by default we can assume that the service cooperates and transmits all the necessary data, unless proven otherwise.

What can be said about Habr? There is some sequence here. One can only hope that all this will work for the service positively. We all remember how the media in the West covered the departure of the Telegram. When Durov began to give out interviews, everyone represented him as the creator of the service, who left Russia for political reasons. And from this, interest in the service increased and user confidence - too. Naturally, this shop is already almost closed, but until recently, he rode out saying "look, we are security!" Whether it will be possible to make the same at Habr, it is not clear. The scale, of course, is completely different, but there will probably be some kind of boost in the beginning. It seems to me that everything will be fine.

UFO Care Minute


This material could cause conflicting feelings, so before writing a comment, refresh something important in your memory:

How to write a comment and survive
  • , .
  • ( ).
  • , , «» ( ) .

, : |

→
→

More articles:


All Articles