“Need ammunition, not a ride.”
― Volodymyr Zelensky
The Russian invasion left many dead and wounded. The war continues not only on the real battlefield, but also on the digital one. The mobile phone is a weapon: one piece of information can save lives or kill enemies. This is especially true in occupied territories, where browser history, a contact list, photos or any other personal information can put a citizen's life in danger: a punishment, a bullet or a prison camp. Privacy in war is more important than ever. Encrypted messaging can be an opportunity or a threat, and both can change sides several times a day.
Basic internet access and power cuts
The Russians have been attacking Ukrainian power stations since September 2022. These attacks cause massive blackouts and problems with internet and mobile phone networks. This was planned as a blow to morale and an attack on ordinary citizens: Putin believed that people would turn on the Ukrainian government and demand surrender and an end to the war.
Does it look stupid? It seems so. Has it failed? Sure, since early spring 2023. Well, the Kremlin and logic don't always go together - they planned to occupy Ukraine in 3 days, and many Russians have been captured in ceremonial uniforms.
Nevertheless, the life of a typical Ukrainian citizen was changed by a lot of pure darkness. Lights, power banks, generators - Ukraine now has more of these than any other country in the world. No electricity - no internet, so going offline became increasingly popular, especially in the mornings and evenings - the times when power grids are at their busiest.
Modern technology can make the difference - FTTH, Fibre To The Home. Fibre optic cables are more resilient to power outages. For an extra fee, some Ukrainian ISPs can install FTTH and help with SFP converters and routers. People often work together to install car batteries on their local network switches.
Hacking of bank and government websites is very common, so VPNs are a must in Ukraine. After February 24, many VPN providers offered free plans for Ukrainians, but this ended after a few weeks because the services couldn't handle the load. Also, VPNs often work faster than local ISP connections due to better routing.
Mobile Internet - 3G and 4G are helpful during power outages, but depend heavily on the number of users. So they work well most of the time, but if there is a power outage and many users switch to 3G/LTE, the speed drops very quickly. Elon Musk's satellite-based Starlink makes all the difference, helping not only military connectivity but also cities, towns, villages, hospitals and schools. You can't overestimate the importance of the internet in times of war.
Weaponized GSM/3G/4G targeting
Korean volunteer Ken Rhee [said](https://www.youtube.com/watch?v=_Xz8yBcqWBQ) that artillery hit the same building his team had left a few minutes earlier. The Russian army has really good phone targeting technology and they use it a lot. It also works from the other side: the SBU intercepts a lot of Russian calls and publishes them, exposing low Russian morale and war crimes. Connectivity is critical to the war. Russians also steal phones from civilians, and this backfired on them once, when Ukrainian rockets killed many freshly mobilised soldiers in Makiivka. The idea that phones are dangerous for the people they connect sounds like paranoia, but war experience says otherwise. A call or a text message can lead to the disclosure of geolocation and intercepted information.
Telegram was created by Pavel Durov, a Russian citizen and former owner of Vkontakte (the [current owner](https://techcrunch.com/2014/09/16/mail-ru-pays-1-47b-to-take-over-vkontake-russias-facebook-settles-durov-suit/) is the FSB, the modern version of the KGB). Telegram is very popular in Ukraine. This messenger had a long conflict with the Russian government and was blocked in Russia, but was unblocked a few years before the war. Ukrainians don't care too much about privacy because they want to know local news first: every town big and small, every village and neighbourhood, even the cats and dogs had Telegram channels.
If you still believe in Telegram security, we recommend reading these posts:
- Twitter/jsrailton: I will show you how safe Telegram is
- The Guardian: Revealed: the hacking and disinformation team meddling in elections
- Wired.com: The Kremlin Has Entered the Chat
- Telegram is 'not a secure platform', NATO-backed strategic comms chief warns
- Russia is spying on Telegram chats in occupied Ukrainian regions
The last post is the most important, in my opinion. One, five or ten intercepted messages and hacked or deanonymized accounts are dangerous, but real-time analysis of all messages and connections is an absolutely different level of control.
The MTProto (Telegram protocol) design illustration above tells us that message data is encrypted: a user writes the message in the client, the client wraps it in an encrypted container and adds non-encrypted metadata before sending it to the Telegram server. The most interesting part of metadata is
When a Telegram ID is created, the client creates a unique identifier and connects it with the phone number. Surprise - this identifier is called
auth_key_hash is computed := 64 lower-order bits of SHA1 (auth_key). The server checks whether there already is another key with the same auth_key_hash and responds in one of the following ways.
- Telegram documentation: https://core.telegram.org/mtproto/auth_key
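An added illustration, not code from the original article or from Telegram: how the key identifier quoted above is derived, and where it sits, unencrypted, in front of every encrypted message. The outer layout (8-byte auth_key_id, 16-byte msg_key, then ciphertext) follows Telegram's public MTProto 2.0 description; the keys, the random stand-in for the AES-IGE ciphertext and all function names are assumptions constructed for this example.

```python
import hashlib
import os
from collections import defaultdict

def auth_key_id(auth_key: bytes) -> bytes:
    """64 lower-order bits of SHA1(auth_key): the last 8 bytes of the digest."""
    return hashlib.sha1(auth_key).digest()[-8:]

def msg_key(auth_key: bytes, padded: bytes, x: int = 0) -> bytes:
    """MTProto 2.0: middle 128 bits of SHA256(auth_key[88+x : 120+x] + padded plaintext)."""
    return hashlib.sha256(auth_key[88 + x:120 + x] + padded).digest()[8:24]

def build_frame(auth_key: bytes, plaintext: bytes) -> bytes:
    """Outer layout of an encrypted message: auth_key_id | msg_key | encrypted_data."""
    pad_len = 12 + (-(len(plaintext) + 12)) % 16   # at least 12 bytes, total a multiple of 16
    padded = plaintext + os.urandom(pad_len)
    # Stand-in for the AES-IGE ciphertext (assumption of this example): random
    # bytes of the same length. Only the unencrypted header is examined below.
    body = os.urandom(len(padded))
    return auth_key_id(auth_key) + msg_key(auth_key, padded) + body

def read_header(frame: bytes) -> dict:
    """Fields that sit outside the encrypted container; no key is needed to read them."""
    return {"auth_key_id": frame[:8].hex(),
            "msg_key": frame[8:24].hex(),
            "body_len": len(frame) - 24}

def group_by_key_id(frames: list) -> dict:
    """Map each cleartext auth_key_id to the indexes of the frames that carry it."""
    groups = defaultdict(list)
    for index, frame in enumerate(frames):
        groups[read_header(frame)["auth_key_id"]].append(index)
    return dict(groups)

# Constructed sample data: two installations, each with its own random 2048-bit key.
DEVICE_A = os.urandom(256)
DEVICE_B = os.urandom(256)
FRAMES = [build_frame(DEVICE_A, b"first message"),
          build_frame(DEVICE_B, b"message from another device"),
          build_frame(DEVICE_A, b"second message, different content and length")]

if __name__ == "__main__":
    for key_id, indexes in group_by_key_id(FRAMES).items():
        print(key_id, "-> frames", indexes)
```

The message body and msg_key change with every frame, while the first eight bytes stay the same for as long as the installation keeps its key.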
Telegram gives Russia great opportunities to identify Ukrainian patriots. It's not difficult to build a huge user database with phone numbers, correspondence, preferences and subscriptions. Sometimes there is even access to geographical location through control of 3G/LTE base station equipment. It is easy enough to go through the followers of any pro-Ukraine political activist, find out where the patriotic citizens are located and filter them by city. They can also check at a checkpoint whether a person is "untrustworthy" and extract all the contacts of the "bad guys". Even if Telegram was deleted from the phone itself, they can use the collected database to trace its contact list.
Another critical point: Telegram chats are not encrypted by default. If the device is lost and the Russians get access to it, they can read the entire chat history with a single click.
Telegram is just a brilliant gift for the occupiers if they have direct access to it and can filter the local traffic.
Cory Doctorow's advice on digital personal security for Ukrainians
Cory Doctorow - the author, activist, journalist and EFF (Electronic Frontier Foundation) Special Advisor - has published a long Twitter thread with digital privacy advice. The short notes:
- Using Telegram is trading personal safety for access to news and communication with people important to you.
- Telegram can be dangerous because of untrustworthy employees, government warrants, or the management itself.
- Telegram channels and private chats aren't encrypted by default, which means Telegram has full control and can share their content with the Russians.
- Do not forget to enable "Secret chat" on one-to-one chats.
- Account takeover attacks are important, especially for group admins.
- Signal or WhatsApp alternatives may be worth trying.
- 2FA, two-factor authentication, matters; enable it where possible.
- The self-destructing messages feature rocks; use it for important information.
Viber is now owned by Rakuten and was bought by the Cyprus-based company Viber Media, according to its Wikipedia page. Viber is very popular in Ukraine, mostly used for personal one-to-one chats; for channels Ukrainians mostly prefer Telegram.
Wikipedia hides one important fact: Viber was initially developed by the Russian company Synesis Group, with CEO Aleksandr Shatrov, based in Minsk, Belarus. Yeah, the same country which provided its territory to the Russians to attack Ukraine. The Synesis Group maintained Viber until 2016 as a contractor, and what happened after the Rakuten deal is still unknown. The company also has offices in Moscow, Baku and Astana.
In addition to Viber, they wrote an ID search service for Yandex (major search engine in Russia, affiliated with the Russian government) and the facial recognition system called Kipod for video surveillance, which allows the KGB (back to the USSR!) to identify protesters from street video cameras in Belarus.
Since 2020, Synesis has been under sanctions by the European Union, which found it responsible for the attack on freedom of speech and political repression by the Lukashenka regime in Belarus. Shatrov, the CEO, criticizes the protests, supports Lukashenka and the Belarusian government, and has banned the Belarusian language in the company's offices. Let's summarize: Viber's developers support the totalitarian regime in Belarus. Do you have any doubts which side they take in the Russian-Ukrainian war?
Thanks to the EU, which banned the company completely, denied their visas and froze all their assets.
In 2014, Viber was purchased by the Japanese company Rakuten. Rakuten has been a co-owner of the Russian online retailer Ozon since 2011. Viber is protected by the Russian and Belarusian governments and cooperates with the FSB (Russia) and the KGB (Belarus); the user data servers are located in the Russian Federation. At the same time, it is the most popular messenger in Ukraine, and declares 20M (repeat: twenty million!) users. Do you have any doubts about how the Russians will use this data?
The full chat encryption, which is strongly promoted by the Viber developers, is not confirmed by any serious security analysis. The source code is closed, so they can write whatever they want. So, Ukrainian users' messages can be at least partially (and most likely, completely) read and analyzed by the owner of the servers, who likes the Kremlin and Lukashenka.
What is wrong with Viber?
- Developed by a company that helps Lukashenka carry out repressions.
- Cooperates with the Russian Yandex.
- The management is banned by the EU.
- Employees are not allowed to communicate in Belarusian in their offices.
- The user data of Ukraine's top messenger is partially located in Russia.
- Viber is banned in the occupied Ukrainian territories.
Whatsapp and Signal
A messenger can be useful for spreading propaganda or fake news, and for blocking bots. The story is very different for Telegram and for WhatsApp, which is owned by Meta.
Russia owns many media outlets and uses them as part of its propaganda machine: RT, Sputnik, TASS and others. Twitter was the first to start fighting Russian propaganda and removed many links.
Meta has completely blocked Russian media in Europe, but it works too slowly compared to other platforms.
Compared to Telegram, Signal and WhatsApp are end-to-end encrypted out of the box and users don't need to manually enable encryption. It works for one-to-one chats and channels. Telegram's encryption algorithms are different, and Signal's owner, along with other people, calls them [insecure](https://twitter.com/moxie/status/1474067549574688768).
By popularity, WhatsApp is the 3rd messenger in Ukraine after Telegram and Viber. Signal's popularity is unknown, but this messenger is well known for its use in Ukrainian military groups.
Online education in the occupied territories
Kids are the future of the nation. The Russians know this and are actively spreading propaganda and an alternative history in which Ukraine didn't exist before Lenin and is full of Nazis. They don't trust the local teachers and have brought their own teachers to the occupied territories to spread propaganda and militarization to children - in Russia the government sponsors army cadet courses and military classes for children as young as six! The Russians actively promote their own schools and always try to block Ukrainian online resources. Of course, they also want to hire local pro-Russian teachers. According to the Ukrainian Ministry of Education, more than 3000 schools, colleges and universities have been destroyed.
Education is another battleground between Russia and Ukraine. If local citizens don't want their children to be brainwashed by Russian propaganda, they're in danger. The teachers who are still running Ukrainian online classes are also in danger: if they are uncovered, they may end up in a camp or a prison. If the locals refuse to send their kids to school, they may face personal sanctions from the Russian administration, so some children do both every day: they go to Russian schools and attend Ukrainian online classes. This technique needs cover - other people on lookout: while the kids are in class, somebody must stay nearby and watch for Russians in the area. It looks like a scene from the English dystopia 1984, doesn't it?
The front-line area is a very different story for any kind of education. Shelling, power outages, and problems with sleep, mental health and water force people to focus on survival and postpone their education plans for better times. Some people refuse to evacuate from dangerous areas, and their children are affected.
Despite all the struggles, education is important as part of the hope for a better life, without war, propaganda and Z marks.