Gotta love the Russians
No subtlety whatsoever.
I have no doubt the west will follow suit, but obfuscating the raw pwnage through some mixture of British understatement or US Congressional mendacity.
"This app is needed to keep children safe!"
The Russian State Duma has approved legislation that forbids the sale of unspecified devices unless they contain certain pre-installed government-authorized applications. According to Meduza, a Russia-focused publication based in Latvia, Russian legislators voted in favor of the bill, which is expected to take effect in July, …
Look at the size of the US federal and state governments. It's the same the whole world over. In the US the scandal is over the FCC and its interesting pro-lobby decisions.
(It isn't whataboutery when you're pointing out that everybody is doing it, the problem is that we the people are absolutely rubbish at doing anything to stop it.)
Not at all. At the moment, they aren't restricting what else the devices can have on them. I'm sure that comes later, but it hasn't come yet. What they are demanding is surveillance and control, pure and simple. And I'm sure the "applications" that come out won't simply be mandated bloatware that doesn't do anything if you don't open it, but will instead grab any and all data they can. For Android, this will be little problem, as device manufacturers cheerfully grant extra permissions, frequently either difficult or impossible without completely wiping the device to revoke, to preinstalled apps. I don't expect Apple to simply leave the market out of concern for human rights, but they probably will consider it after they are demanded to ensure the preinstalled apps have permissions that they normally don't make available and allow users to disable.
Yeah, I have seen this happen.The Russians have never been averse to obtaining things they want by any method. I saw tons of products, not available in Russia, shipped across the border by people ready to take advantage of the law of supply and demand.
I am concerned, however, that lots of people will still get devices with the surveillance software forced onto it and won't be technical enough to be concerned about it. If this experiment works in the sense that no major protest surfaces to block it and international manufacturers cheerfully comply, it might spread to other countries. I really want that not to happen.
Russia... Major protests... Consumer rights? That's a combination of words I don't expect to see in the news anytime soon.
And manufacturers don't need to do anything, it's the telecom providers who will do the dirty work. And they are clearly on board, even if they did have some choice about it.
Telecom providers can only go so far, namely Android phones that they sell. They can't do anything about iPhones because Apple doesn't allow them (now), and they can't do anything about phones bought through other mechanisms, while the law still cares. I'm also sure that computers will be included in the class of devices, and those don't get sold by providers. So manufacturers will have to get involved, and probably retailers as well. I would like for there to be some type of protest by the citizens or the companies, but I don't expect it to happen. But please, please prove me wrong.
I'm sure actual criminals are absolutely going to fall over themselves to not have phones delivered from abroad that do not have said apps installed.
No, never. Impossible.
As one person mentioned, if you outlaw guns, only criminals will have guns. In this case, it'll be the criminals, the billionaires, and anyone with any kind of connection to the other two.
Hey, kinda like backdooring encryption, come to think of it.
What is to stop the end user simply removing the government mandated apps after purchase? I know on Android phones they could be installed as system apps that would need root to remove. But on PCs it would be trivial to just go in and delete the exe and remove any registry entries even if there was no uninstaller
And on Android you can always flash a new ROM over the vendor installed one to remove any bloat
"And on Android you can always flash a new ROM over the vendor installed one to remove any bloat"
A lot of manufacturers don't provide bloat-free ROMs, and most Android phones will balk on an unisgned ROM, which requires the manufacturer to sign.
It could simply be a matter of a unique version being available exclusively for Russia. Which means its own signature keys and so on, meaning it wouldn't be possible to install anything BUT Russian ROMs (with their concomitant spyware).
Unless they do something nasty like mandating something akin to IEEE 802.1x from the network providers that will only let a device see its authentication server until it crypto-authenticates itself, the software to do such being built into the spyware app; no app, no Internet. Foreign SIM? Install the app or no data for you (app store access would therefore also need to be available.) No app installed? Add the phone's voice and texts to a special watch list.
If the apps can be disabled or uninstalled, there's no guarantee they won't leave something behind that's invisible to the user.
As the article says this is a bit vague, there is no real explanation of "apps", but I guess it does not mean operating systems. Gosuslugi - OK it might be useful - but will it, or something, run continuously - reporting to Putin what the user is up to ?
Also not mentioned is: will the user be able to uninstall Russian made software ? If so: then why the fuss ? If they cannot then why not, what is the real purpose of the Russian software ? China seems to be far worse at insisting that state spyware is installed on 'phones, etc.
I can see plenty of other countries doing the same, if only "to save our children from pedophiles".
We need to wait & see.
Are you out of your mind ? I can already not uninstall Samsung Drive, Facebook, Excel (!?), Hangouts, OneDrive, PowerPoint, Samsung Cloud, Samsung Health, Skype, Word or YouTube on my current Galaxy A3. They're disabled, but I can't get rid of them.
You really think those government apps imposed by Moscow are going to be removable ?
'Cause if you do, I have a bridge to sell you.
"Keep your bridge (and your snark)."
In that case, I'll hold onto this bridge. Other people will eventually buy it. You'll get the snark anyway, though. Because your "what's the fuss" statement is bad. First, there are lots of phones out there that aren't rootable. And even if a phone is rootable, the user has to know:
1. What rooting is.
2. Why they want to root.
3. How to root.
4. How to deal with the bootloader which, in some cases, is English only (or in a rarer case, Chinese only).
5. How to find a trustworthy replacement ROM.
6. How to deal with the situation if their replacement ROM doesn't actually work, including how to obtain a manufacturer ROM and replace it.
Some people here know all these things. But that's in a community with a lot of technical people. The general public does not know these things, and it's not completely self-explanatory. But let's leave rooting aside for the moment. What would happen if Russia wanted this done, but everyone was able to uninstall or root at will? Simple answer. They would make another law requiring manufacturers to prevent that. Russia-specific models without rooting capability and/or mandatory malware that watches for use of ADB and inserts a compromised ROM in place of the real one (or just notifies the police).
I assume you or someone with similarly bad beliefs may look at my arguments and come to the conclusion that none of this matters for us, as we know how to evade this kind of interference. Why should I care if this happens; my phone will be malware-free? The reason I care is that many around me will have this surveillance on their devices. I care about other people, but that's not all of it. If they have surveillance on their devices, then they have surveillance on me every time we communicate. Every time their device is near me. And the malware can be updated, meaning I have to worry every time I receive something from them that could exploit a security flaw that their malware may have been developed to exploit that mechanism to spread itself. And we've seen that plenty of times before, so don't accuse me of extrapolating to extremes.
It is not at all acceptable to have a preinstalled application from a government. It is rarely acceptable to have a preinstalled application from someone who isn't the manufacturer, but at least I hope some of them check the payload and don't allow purely malicious software. It does not matter if the device has an "Uninstall this app" button because I cannot trust that button to do what it says. It does not matter if the device might in theory be rootable because most people won't go to that extent. It is not acceptable.
I'm sure that in the many 'Prospects' that surround the major cities in Russia a thriving industry will be there to root phones, remove the Kremlinware or even install a clean OS. IT was there before the USSR fell and in the years afterwards, the markets held periodically at the Projects allowed you to buy pretty well everything. The Russian people are remarkable adept at ignoring Moscow. After all they have had centuries of rulers from the Czar to Stalin, to Gorby and now Putin (Stalin mk 2) to develop their skills.
The way the Russians will do it is simply to forbid rooting of phones.
That way, there will be yet another handy crime that they can add to the charge sheet when they want to take someone down. Of course, it won't be enforced against those whose "connections" are up to date.
@doublelayer
"It is not at all acceptable to have a preinstalled application from a government."
That may be your view but in Russia, the authorities disagree. As do the Chinese, and if came to it, probably the British.
But when you live in a country where the authorities can make your life change for the worse at their discretion, whether you're able to root your phone or not is probably the least of your worries.
To be completely honest, I suspect the entire thing is a redirect. Make a big show and a fuss, then back away from the proposed law.
In the meantime, it's already been done in another form, more quietly--I'd imagine network level, but possibly also at the device itself. And now everyone is more convinced that their phone is 'safe'. Gotcha!
@https://forums.theregister.co.uk/user/1881/
Most people wouldn't even think to disable them.
Disabling them or removing them just makes you look suspicious to the average police state cop.
We noticed in 2002 that we were getting intercepted on peace actions, and decided to leave our phones turned off outside the room when we were planning one. The very fact a bunch of known activists phones were in the one place and simultaneously turned off was an obvious alert to the police.
This is in a democracy, nobody was killed, just a few careers blacklisted.
At least these days they can tap your phone without putting a load of whistles and crackles on the line and the volume dropping.
Mines' the one with the relative being positively vetted in the pocket. I'm putting it on to go down to the call box - not the nearest one - to contact my nonexistent KGB minder.
Not really. Whataboutism is a cheap arguing tactic that makes one bad thing outweigh any other bad thing committed by the other side. Consider this example using a political campaign:
Side A: A member of the team, let's call him Bob, is caught taking bribes. That member is fired, but it raises an entirely logical question about why that person wasn't caught earlier and what they might have done.
Side B: Makes these logical arguments, making people turn against side A.
Side B: Someone's caught stealing money. They deflect questions with "What about Bob?".
Side B: Suggests very unpopular idea. Questions deflected with "What about Bob?".
Side B: Well, it's not technically bribery, but a lot of money went in one side and a preferential decision came out the other side. "What about Bob?".
Side A: Has completed investigation into Bob's crimes, proven that this was the first time, and Bob's actions had no chance to have an effect. They think their troubles are over.
Side B: Their candidate seems to have committed fraud a few years ago. "You know, our opposition just released a report on that guy they had taking bribes."
Side B: Their candidate proposes warrantless access to all communications information at all levels. "Sure, there are questions about how to implement this, but what there isn't a question about is that bribery is wrong. Now, this guy Bob..."
Bob, not connected to side A anymore: Is given a fine for committing illegal activity.
Side B: A major supporter of the campaign has been in a complex conflict of interest situation and has thereby gotten millions in dirty money. "They're being investigated, but innocent until proven guilty and all that. Now about this fine that was recently given to Bob..."
And so on. The reality is that Side B may be much worse than Side A, but the discussion is all about side A because their one incident keeps being brought up. The problem with whataboutism isn't that it's bringing up the original problem, as that deserves discussion. The problem is that all the other things deserve discussion as well, and the issue that may be old and unimportant at that point is preventing that from happening.
In this case, the new event is Russia's law, which is really bad. Nobody here fully supports the surveillance systems put in place by western governments. But two factors are at play right now. The first is that Russia's law is quite a bit stronger than anything the NSA or GCHQ have managed to get through. The second is that the discussion about the thing that actually happened is being derailed to talk about the things that are already well established or things that don't at the moment exist.
Clearly, my attempt at an example failed. I'll try again, attempting to be more concise this time.
Whataboutism is a cheap way of not answering a question by bringing up some other topic. It is likely that the other topic is worth discussing, but it's only brought up in order to throw discussion off the original question. As an arguing tactic, it's on par with an interviewee who simply refuses to listen to a question and starts talking about something irrelevant, but it's a more subtle version and thus is more often accepted.
In this case, the comment that got us into this was about western surveillance systems. That's worthy of discussion, and I think we all pretty much agree on our opinions towards it. But nothing specific was mentioned about the systems that connected to the topic under discussion. Instead of talking about the original topic of Russia's new law, or making an effort to compare it to a western system with which there are similarities, the issue of western surveillance was just dropped into the thread. I don't think it was done intentionally to distract us from Russia; I think it was just a comment that didn't include enough context on why it was important, but the effect is to send the discussion off course.
So it's anti-Russia propaganda for El Reg to report of the decision made in Duma?
Living in an adjacent country to Russia where a whole lot of Russians are already making daily visits to buy food, clothing, electronics etc - this will just make more citizens to cross borders for their electronics.
This post has been deleted by its author
Wow, I hadn't seen that story. Thanks for posting.
Bit of historic perspective on that story. I just listened to one of Trollope's Palliser novels dramatised on t'wireless yesterday. In which Lady Glencora describes the fearsome power she exercises over Ministers, MPs and other powerful people through their wives, by the threat of striking them off her invitations list. Clearly Apple's behaviour was well-known back in the mid 19th century!
I suppose in a sense we could trace it back at least two and a half millennia to Λυσιστράτη - though she was perhaps more grass-roots than in the position of established power of Apple or Glencora.
Dilbert's D-chip. Wikipedia tells us those have been legally required in the US for twenty years.
And I didn't even mention DRM.
Does the black market control the airwaves, too? Pretty sure cell phone providers can positively ID every phone on their network (since they have to be able to pass information to them specifically), so what's to stop Russia exerting control through control of the airwaves, which are theirs to begin with?