Show HN: Babble – Communicate privately on state-sponsored social media
100 points| yvbbrjdr | 3 years ago |babble.landrop.app
Chinese people have been deprived of freedom of speech even before the COVID-19 pandemic. Li Wenliang, who was among the first to notice the spread of the virus and warned his colleagues about it in a private WeChat group, was admonished by the police for "spreading rumors"; his punishment was then aired on the national TV channel. After Wenliang passed away due to getting COVID-19 himself, discussions about it on China's public Internet were highly restricted; most discussions will be deleted upon being posted, which was done by some automatic keyword detection mechanism.
Things got even worse over the years and especially during the Shanghai lockdown in early 2022. Everything related to questioning the public health policy is banned. Many people posted articles about how bad Shanghai's economic and social situation is on their WeChat public accounts. None of these articles, not even their accounts, can survive for longer than a few hours. Even articles crying for help, because people were starving, got deleted.
A video called Voice from Shanghai Lockdown (https://youtu.be/38_thLXNHY8), which contains audio recordings of desperate Shanghai people during the lockdown, went viral on Chinese social media at the end of this April. Unsurprisingly, this video was immediately censored. People got angry and tried to spread this video as much as possible by re-posting it again and again, racing against the detection algorithm. But it was futile.
It's just like 1984, where the number of words available to say "legally" is decreasing. There are no tools available for people to speak out. Public social media and private messaging apps are all monitored by the government. Foreign tools such as Telegram, Signal, or anything similar are blocked by the GFW. PGP is too technical for normal people. The goal of Babble is to provide those people with a cryptographic and steganographic tool that's easy enough to use but secure enough against a censorship system. It's not perfect as of now, but we are making an effort to make it better.
Yes, Babble might get removed from the App Store in China if the Chinese government asks, but it's fundamentally different from Signal being blocked - there are a considerable number of people in China who has an overseas Apple ID so that they can download apps not on Chinese App Store, but to use Signal, you have to bypass GFW, which fewer people know how to. One of the real challenges for this project though, is how to get people aware of the situation, because our education is brainwashing and people are starting to take surveillance and censorship for granted. And it's very hard for the app to reach its intended audience because the surveillance system is designed to prevent them from accessing this kind of tool.
[+] [-] jpalomaki|3 years ago|reply
Add a suitable browser extension, enter the shared secret and "read between the lines".
[+] [-] MonkeyClub|3 years ago|reply
“Twitter Steganography using manual annotation and codebooks (2014)”
(https://github.com/shadowrun96/pteroglosia)
Sure it’s an academic proof of concept, but pretty cool nonetheless, and a good combination of widely accessible technologies.
But I feel that the answer to the privacy question will lean more on low tech cunning and decentralization/reduced mediation, rather than hi tech or state-backed solutions.
Like, how do you get the NSA to not snoop on your itinerary? Buy a physical agenda/day planner, think in paper, speak face to face, walk, don’t take the phone. Easy basic stuff, though you may end up speaking in a hushed voice and utter terms like “the people”, “the system”, and “off grid” more often than usual - you know, usual for sheeple. Like a conspiratorial Tourette’s. Am I missing some rabbit ears there?
And of course we will always have rebus and heraldry (allegory and memes)!
Consider this:
“The Pooh duck-stepping a Lemming path towards a cliff.”
No tech necessary (other than the Internet, a mind blowing basic amenity), but every Chinese person can get a political message, where an algorithm would get a syntactically incorrect sentence.
“Go water bags!” is what I’m saying, I guess, though I think I lost my drift a while back :)
[+] [-] MitPitt|3 years ago|reply
[+] [-] popcalc|3 years ago|reply
I used the go code to develop an iOS app that, while I and my friends thought was very cool, Apple didn't think had enough features to publish :(
Edit: Obviously this isn't going to fly under the radar when a state actor is concerned.
[+] [-] yvbbrjdr|3 years ago|reply
We've actually tried implementing a browser extension before. The problem is ordinary people just don't use browser extensions..
[+] [-] fariszr|3 years ago|reply
https://neatnik.net/steganographr/
[+] [-] shireboy|3 years ago|reply
I’d call it horocrux.
[+] [-] rob_c|3 years ago|reply
Biggest issue as you highlight is userbase which frankly, if you're serious about going against state media you should be talking about avoiding devices locking you down to app stores etc. People on those platforms (as unfortunate as it is) have decided that pretty asthetics are worth personal freedom so ultimately will never support true freedom of thought or opinion.
[+] [-] yvbbrjdr|3 years ago|reply
1. People are unaware of their existence due to those projects being very technical and hard to deploy/join. They also don't have a good client on mobile platforms. People will trade their privacy for all the convenience, say, WeChat brings, because all of their contacts are already using WeChat. It's hard to convince people to change to use your matrix server. 2. Cloud services are also monitored by the government. There are programs running in the background inside VPSes that monitors all processes in your server. 3. If you want to host a website, you have to register it with a state agency, so if there are any contents on your website that the government doesn't like, your website will be shut down and you'll be held responsible.
As of the walled garden Apple created, I heard that EU has passed a law mandating Apple to allow third-party app stores. It'll be very interesting to see what'll happen in the future.
[+] [-] yorwba|3 years ago|reply
[+] [-] yvbbrjdr|3 years ago|reply
For some reason it's no longer on the App Store anywhere.
[+] [-] derekzhouzhen|3 years ago|reply
* if only few people is using it, then the messages will be lost
* if somehow this gain popularity, then the authority will ban it
For a small determined group, there are already easier ways to communicate.
[+] [-] yvbbrjdr|3 years ago|reply
[+] [-] upofadown|3 years ago|reply
Like just a single word? Why wouldn't that be trivially brute forceable? Since you don't care exactly where the content comes from, why not just use some sort of public key system? There wouldn't be much chance of a MITM in this particular instance and it would simplify things for the user.
[+] [-] yvbbrjdr|3 years ago|reply
It's a good idea to use a public key system. But it really confuses new users who has never used PKI before. Nevertheless, we have a key exchange feature built into the app that allows 2 parties to negotiate a shared secret using X25519, for advanced users.
[+] [-] unknown|3 years ago|reply
[deleted]
[+] [-] gnicholas|3 years ago|reply
Of course, any platform can try to ban all such posts outright.
Glad to see someone working on this!
[+] [-] simjnd|3 years ago|reply
[deleted]