The Ministry of Communication and Information Technology of Nepal has issued an order requiring all social media platforms to be registered in Nepal.

Based on this, the Nepal Telecommunications Authority (NTA) has instructed all network service providers to deactivate 26 platforms, including Signal, Facebook, Instagram, WhatsApp, YouTube, and others.

To lift the ban and operate legally in Nepal, each platform must:

  1. Register with the Ministry of Communication and Information Technology.

  2. Appoint in Nepal:

    • A Point of Contact
    • A Resident Grievance Handling Officer
    • An Officer responsible for monitoring compliance with self-regulation [1]
  3. Submit an application in the prescribed format along with required documents, as per the Directives on Managing the Use of Social Media Networks (2080 B.S.). [2]

Reference:

[1] Notice by the Ministry of Communication and Information Technology on Managing the Social Networking Platform Usage in Nepal

[2] Directives for Managing the Use of Social Networks, 2023

  • rumba@lemmy.zip
    2 months ago

    For those people calling for the use of Tor, it’s trivial to block Tor and I2P at the ISP level. It’s not hard to get lists of relays and just add them to the block list.

    You can use Shadowsocks, but you have to be careful.

    We are globally heading into very privacy-adverse waters. If they start making ISPs block VPN and piracy-suspected sites, we might have to come up with something new to communicate in the open.

    We’re going to need something that looks like accountably legitimate traffic on the surface, but contains our actual content underneath.

    • anon5621@lemmy.ml
      2 months ago

      Tor is easy to block, yes; I2P is much harder, like really harder. In Russia Tor is blocked and VPNs are blocked by the DPI system, but it is still possible to bypass it with something like byedpi. But I2P works much harder than just Tor or usual HTTP.

      • rumba@lemmy.zip
        2 months ago

        While I2P’s node DB isn’t exactly in the clear, there’s not so many of us that you can’t get a pretty good picture of where it’s running.

        China’s already doing a really good job at blocking it. The protocol is secure in that you can’t tell what anybody is doing on it. And the node DB is only somewhat accessible. But that’s nothing a little coordinated espionage won’t suss out.

        Every ISP throws out a couple of honeypots. You don’t allow nodes to stay connected to it for long so everybody keeps refreshing it. They’re thinking it’s a DDoS. It’s distributed fingerprinting.

        You throw up a node, record its regular traffic, start up I2P and see who it connects to. F with your netem so they connect, but eventually discard that connection because it’s unstable. You get to cycle through a bunch of connections that way. Everybody who sends more than a SQL injection script to it is running I2P. You occasionally dump people off of it. New people try to connect. You dump them off of it. You create a list. That particular list isn’t worth much, the spread factor is kind of low on the protocol. But you share your IPs with everyone else that’s running honeypots. Or you just throw out a lot of honeypots in a lot of places if you’re a state actor. Everybody that hits the list gets logged.

        We’re heading towards some dystopian shit now. If ISPs get to the point where they’re allowed to kick you off for suspicion of shady things, the protocol is baked.

        It’s nearly impossible to identify the traffic. It’s fairly impossible to identify the origin or the destination of things from inside the network. It’s difficult to block individual connections from happening in real time. But, if they manage to make unidentified traffic illegal, it’s not that hard to detect that I2P is happening and kick people off wholesale. Once the list is shared, they could just black-ball the IPs on every ISP for any connection.

        The real problem is, I’m having a really hard time finding some protocol or method that wouldn’t fall to this. You could easily hide some really low bandwidth stuff stego style in audio or video streaming from person to person, like say, forum traffic, but if you wanted to stop people from moving music and videos back and forth, I don’t know that you could hide that traffic through any means.

        • anon5621@lemmy.ml
          2 months ago

          The I2P netDB isn’t a single dumpable list like you’re suggesting. It’s a Kademlia DHT stored across rotating floodfill routers. Floodfills aren’t static — routers get promoted/demoted based on bandwidth, uptime, and capacity — so the view of the network is constantly shifting. A normal router only ever queries small slices of that DHT, meaning you never get the “whole picture” from one vantage point. That’s a deliberate design choice to make enumeration hard.

          On the traffic side, I2P isn’t just onion-style routing. It uses garlic routing, where multiple encrypted “cloves” (messages) are bundled together into one garlic message. This kills the simple “one in → one out” traffic correlation trick. Add to that the transports: NTCP2 is indistinguishable from normal TLS over TCP, and SSU2 is UDP with full encryption, padding, and replay protection. From a DPI standpoint, it looks like generic encrypted noise — there’s no clean handshake to match on like with old Tor circuits.

          As for blocking, I2P is decentralized. There are no directory authorities to censor, no fixed bridges to burn. Floodfills are chosen dynamically and constantly refreshed, and peers discover new ones automatically. The bigger the network gets, the harder it is to enumerate and blacklist enough routers to make a dent. Censors can try whack-a-mole, but the distribution effect scales against them: more peers in more ASNs across more countries means higher cost to block.

          So yes, you can suspect I2P traffic if you really try, but fingerprinting and wholesale blocking don’t scale — the protocol was designed specifically to make both correlation and censorship exponentially harder as adoption grows. Details: https://www.youtube.com/watch?v=95hSAMEwrlM
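
Added example (not part of the comment above and not I2P's own code): a simplified Python model of the Kademlia-style lookup the comment describes, showing how small a slice of the floodfill set a single router contacts while resolving a handful of entries. The population size, `K`, the destination names and the date-mixed routing key are assumptions of this model.

```python
import hashlib
import random

K = 3  # assumption: how many closest floodfills one lookup contacts


def routing_key(dest: bytes, utc_date: str) -> int:
    """Key under which an entry is stored. Mixing in the date is a modelling
    assumption that makes placement shift from one day to the next."""
    return int.from_bytes(hashlib.sha256(dest + utc_date.encode()).digest(), "big")


def closest_floodfills(key: int, floodfills: list[int], k: int = K) -> list[int]:
    """Kademlia closeness: the k router IDs with the smallest XOR distance to key."""
    return sorted(floodfills, key=lambda rid: rid ^ key)[:k]


def build_floodfills(n: int, seed: int) -> list[int]:
    """Constructed population of n random 256-bit router IDs (not real routers)."""
    rng = random.Random(seed)
    return [rng.getrandbits(256) for _ in range(n)]


def observed_fraction(floodfills: list[int], dests: list[bytes],
                      utc_date: str, k: int = K) -> float:
    """Share of all floodfills one router contacts while resolving dests."""
    seen = set()
    for dest in dests:
        seen.update(closest_floodfills(routing_key(dest, utc_date), floodfills, k))
    return len(seen) / len(floodfills)


if __name__ == "__main__":
    ffs = build_floodfills(200, seed=1)
    dests = [f"constructed-dest-{i}".encode() for i in range(10)]  # constructed names
    # Ten lookups can touch at most 10 * K of the 200 floodfills.
    print("fraction of floodfills seen:", observed_fraction(ffs, dests, "20250101"))
    # The same entry lands on a different set of floodfills on another day.
    for day in ("20250101", "20250102"):
        ids = closest_floodfills(routing_key(dests[0], day), ffs)
        print(day, [hex(i)[:10] for i in ids])
```
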

          • rumba@lemmy.zip
            2 months ago

            The I2P netDB isn’t a single dumpable list like you’re suggesting

            I am well aware of the design and structure, you mentioned I said some things there that I clearly didn’t say.

            So yes, you can suspect I2P traffic if you really try, but fingerprinting and wholesale blocking don’t scale

            If I2P is outlawed, and there’s a strong possibility we’ll see that in our lives, and ISPs are told if they let unchecked traffic through they’re responsible for legal ramifications, they’ll run enough nodes in enough places and terminate enough end user accounts (at the very least in the US) to make people not want to run it.

            I don’t care if you can’t DPI it. If it’s on their network, and they start running peers, they will be able to root people out, not everyone, but they don’t need everyone. If the ISPs share their data with each other, making that map isn’t all that hard.

            The floodfills can be secure and ephemeral AF, but P2P traffic, even packaged through garlic still passes through points that can be seen.

            The whole design is supersmart, and from a legal standpoint it’s solid. But when we lose the protections of beyond a reasonable doubt, they’ll tear that network apart user by user until no one wants to chance running it.

      • rumba@lemmy.zip
        2 months ago

        The authorities run their own web tunnel. The people that connect to it go on a naughty list. Everything it connects to goes on a naughty list.

        Wash, rinse, and repeat that in a geodiverse style. Share your IP list with everyone else charged with finding web tunnel. Wholesale block all traffic from any node participating. Start with a one-day ban, move to a one-week ban, kick them off the network after that.

    • Auli@lemmy.ca
      2 months ago

      Wouldn’t they be von traffic on port 443. I mean it is already encrypted on the port.

      • rumba@lemmy.zip
        2 months ago

        It’s not about trying to determine if the traffic is I2P or Tor by its port or contents. It’s about running a copy of the client and logging who it connects to.

        When you have nearly limitless funds and servers everywhere already, it becomes a lot easier to insert into the network and start looking around.

        Then when you couple that together with a series of corporations that can do that, and they start sharing data.

        Then you change the legal landscape so they can just kick you off your internet provision because you are connecting to I2P nodes. It’s kind of like entrapment, but legal.

  • commander@lemmy.world
    2 months ago

    One of the reasons I prefer Matrix, even though anyone I know in real life uses Signal, so I use Signal practically every day but Matrix sparingly. Federated Matrix servers. I worry how resilient Signal can be if enough countries ban it, not really confident in the US or EU countries or any countries long term for encrypted chat for the Signal Foundation, and also signing up with phone numbers. Phone number providers being another point of regulation.

    • Pearl@lemmy.ml
      2 months ago

      I worry how resilient Signal can be if enough countries ban it

      I don’t think Signal devs are just going to sit around crying that Signal got banned.

      Probably go the route of Tor Browser and have a signed installer distributed amongst multiple mirrors.

      • Autonomous User@lemmy.world
        2 months ago

        We’re still waiting. Everyone else has done this while Signal is getting left behind. It’s still effective at combatting anti-libre malware, WhatsApp and Discord.

  • birdwing@lemmy.blahaj.zone
    2 months ago

    Good move of Nepal to ban Twitter, Instagram, YouTube, WhatsApp, VK, WeChat, Threads, as well as Facebook, LinkedIn, Facebook Messenger, Pinterest, and Discord.

    That said, Mastodon and Signal also being included, is dumb. What Nepal could do better, is that upon visiting one of the banned sites, users are advised to download another, decentralised medium.

    • abbiistabbii@lemmy.blahaj.zone
      2 months ago

      I want you to look around the world political landscape around tech and ask yourself if you think most of these chucklefucks even understand what they actually say. They only care that they won’t like it and want it gone and think writing that down on special paper makes it go poof.

      I live in a “developed” country and my country passed the Online Safety Act and most of the people who did so didn’t know what a VPN was. Three previous administrations, the Blair-Brown one, the Conservative one, and the latest one, have all floated the idea of banning encryption in some form. Do you really think the Nepali government understand what Mastodon is other than maybe “it’s a bit like Twitter”?

      Most people in Nepal with any sort of sense have a VPN to get around this.

        • ax1on@sh.itjust.works (OP)
          2 months ago

          Yes, while most ISPs have only blocked these platforms at the DNS level, a few have also started blocking their IP addresses.

  • shortwavesurfer@lemmy.zip
    2 months ago

    Because Nepal banning social media is so ungodly terrible lol. I’m surprised this is even a thing that was reported on.

    Again, go decentralized or go home.

  • abbiistabbii@lemmy.blahaj.zone
    2 months ago

    I had a quick look at Hamro Patro. It’s a Nepali calendar app which features news, horoscopes, exchange rates, radio and podcasts. It is the most popular natively developed app in Nepal basically.

    Just to put this into context: Imagine if the American Government banned the NBC app or the British Government banned the Sky News app.

    • Ardens@lemmy.ml
      2 months ago

      Facebook is considered social media… It’s far from. The term “social media” today, just means that there’s people there, and they can talk/write with each other. 20 yrs ago, it was a moderated and safe place to meet people anonymously, and then if you clicked, you could decide to meet IRL. I made lots of friends back then. Since 2008 I have maybe made 3 friends online on FB… Most on FB are internet warriors.

  • wolfiedafloof@lemmy.world
    1 month ago

    I have no plans to go to Nepal. However, let’s say I get Signal in one country where it’s allowed, and then I travel to Nepal where it’s banned. What would be my struggles? I can still use Signal, right? It’s just that I won’t be able to download it from Nepal via Google Play Store (which I’m not using anyway). Signal can still give away the APK file but I would assume Nepal censors their website at the end of the day. Could be bypassed via VPN though, if it’s still legal in the country of course (probably not).