The Electronic Frontier Foundation has published a comprehensive, multi-lingual guide to keeping sites that are undergoing distributed denial-of-service (DDoS) attacks alive.
Denial of service (DoS) and distributed denial of service (DDoS) attacks are increasingly common phenomena, used by a variety of actors—from activists to governments—to temporarily or indefinitely prevent a site from functioning efficiently. Often, the attack saturates the target with server requests designed to flood its bandwidth, leaving the server unable to respond to legitimate traffic.
Though the owners of major sites often have the resources to fend off or even prevent such attacks, smaller sites—such as those belonging to small independent media or human rights organizations—are sometimes permanently disabled due to a lack of resources or knowledge.
This guide aims to assist the owners of such websites by providing advice on choosing an appropriate webhost, as well as a guide to mirroring and backing-up their websites so that the content can be made available elsewhere even if their site is taken down by a DoS or DDoS attack.
Keeping Your Site Alive
Read the rest
The complex zones of control in Arab Spring uprisings can be baffling. Here's the BBC's new map of Syria's myriad front lines
(compare to religious demography
), which makes everything perfectly clear. Read the rest
The Swedish news show Uppdrag Granskning has posted an hour-long investigative journalism piece establishing the link between the giant Swedish telcoms company Teliasonera and oppressive regimes around the world. Teliasonera sold and supported network equipment that was used to spy on dissidents, journalists, political reformers, union leaders, and the general public in Belarus, Uzbekistan, Azerbaijan, Tajikistan, Georgia and Kazakhstan. Here's EFF's writeup of the piece:
Read the rest
The investigative report, titled “Black Boxes,” in reference to the black boxes Teliasonera allowed police and security services to install in their operation centers--which granted them the unrestricted capability to monitor all communications—including Internet traffic, phone calls, location data from cell phones, and text messages—in real-time. This has caused concern among Swedish citizens and Teliasonera shareholders, who had previously been assuaged by assurances from the telecommunications company that they follow the law in the countries in which they are operating. After a meeting with Peter Norman, Sweden’s Minister of Financial Markets, the chairman of Teliasonera’s board of directors issued a statement, announcing that they had launched “an action programme for handling issues related to protection of privacy and freedom of expression in non-democratic countries, in a better and more transparent way.”
Teliasonera’s declaration of good intentions may be too little too late after the damning evidence of abuse compiled by Uppdrag Granskning. Documents obtained by their investigators showed an Azerbaijani had his phone tapped after he published a piece about being beaten at the hands of government security agents while covering a story. The report also found that black-box surveillance was used in Belarus to track down, arrest, and prosecute protesters who attended an anti-government protest rally following the 2010 Belarusian presidential election.
I've just finished Rebecca MacKinnon's Consent of the Networked, and now I'm kicking myself for letting it languish in my review pile for as long as I did. It is an absolutely indispensable account of the way that technology both serves freedom and removes it. MacKinnon is co-founder of the Global Voices project, and a director of the Global Network Initiative, and is one of the best-informed, clearest commentators on issues of networks and freedom from a truly global perspective.
MacKinnon does a fantastic job of tying her theory and analysis to real-world stories. She illustrates how governments are figuring out how to use networks to take freedom away, to control debate, to find and crush dissent. She shows how Internet corporations -- even the ones with a good track-record on protecting their users -- are prone to cooperating with the worst, most repressive instincts of governments (including supposedly liberal western governments).
But she also describes how technology contributes to freedom, and how savvy use of technology, combined with activism in the realm of Internet governance, lawmaking, and corporate affairs can turn technology into a force for liberation, accountability and freedom. She teases out the good and the bad of technology, working from recent examples like the Arab Spring uprisings, and names names and cites facts and figures when it comes to companies and governments who worked to undo the liberating power of technology.
Most of all, MacKinnon lays out a roadmap for tipping the technological balance towards freedom. Read the rest
A fake PDF purporting to contain information on "the formation of the leadership council of the Syrian revolution" is circulating. As the Electronic Frontier Foundation's Eva Galperin and Morgan Marquis-Boire report, it's bad news for people who install it.
The latest surveillance malware comes in the form of an extracting file which is made to look like a PDF if you have file extensions turned off. The PDF purports to be a document concerning the formation of the leadership council of the Syrian revolution and is delivered via Skype message from a known friend. The malware installs a remote administration tool called DarkComet RAT, which can capture webcam activity, disable the notification setting for certain antivirus programs, record key strokes, steal passwords, and more. It sends this data back to the same IP address in Syrian IP space that was used in several previous attacks, including the attacks reported by CNN in February, the Xtreme RAT Trojan EFF reported in March, and this sample from March 21st.
Syrian Internet users should be extremely cautious about clicking on suspicious-looking links, or downloading documents over Skype, even if the document purportedly comes from a friend.
Campaign Targeting Syrian Activists Escalates with New Surveillance Malware Read the rest
Noordijk sez, "Egyptian graffiti artists make this military street barrier 'disappear.'"
Sheikh Rihan mural
Read the rest
Last week, the Electronic Frontier Foundation profiled FinFisher and Amesys, two of the companies that had been caught selling network spying tools to despotic regimes around the world, including Hosni Mubarak's Egypt and Muammar Qaddafi's Libya. This week, EFF continues the series with profiles of Italy's Area SpA (which sells electronic tracking software to Bashar al-Assad's regime in Syria) and Germany's Trovicor (which sells spyware to a dozen countries in the Middle East and North Africa).
In 2011, at the same time that news of Syria’s violent crackdown on democratic protests graced the pages of the world’s newspapers, an Italian company called Area SpA was busy helping the Syrian’s dictator Bashar al-Assad electronically track the dissidents his army was firing upon in the streets. Area SpA had begun installing “monitoring centers” that would give the Syrian government the ability “to intercept, scan and catalog virtually every e-mail that flows through the country” as well as “follow targets on flat-screen workstations that display communications and Web use in near-real time alongside graphics that map citizens’ networks of electronic contacts.”
Worse, as the violence in Syria escalated in mid-2011, “Area employees [were] flown into Damascus in shifts” in the government’s push to finish the project, according to a report from Bloomberg News.
Spy Tech Companies & Their Authoritarian Customers, Part II: Trovicor and Area SpA
Read the rest
The Electronic Frontier Foundation has begun to publish a series of informative corporate biographies of technology companies that make network spying equipment and sell it to torturing dictators like Hosni Mubarak and Muammar Qaddafi. These companies' publish sales material advertising their use of tools created for the express purpose of breaking domestic and international law, and operate from countries like the UK (FinFisher) and France (Amesys). EFF urges prosecutors in these countries to investigate the spyware companies for complicity in human rights abuses.
The Wall Street Journal has since reported about FinFisher’s techniques and its technology’s dangerous capabilities. It works much the same way online criminals steal banking and credit card information. Authorities can covertly install malicious malware on a user’s computer without their knowledge by tricking the user into downloading fake updates to programs like iTunes and Adobe Flash. Once installed, they can see everything the user can. The FinFisher products can even remotely turn on the user’s webcam or microphone in a cell phone without the user’s knowledge.
FinFisher doesn’t pretend to market their products for solely lawful use. In 2007, they bragged that they use and incorporate “black hat (illegal and malicious) hacking techniques to allow intelligence services to acquire information that would be very difficult to obtain legally,” according to a report by OWNI.
Spy Tech Companies & Their Authoritarian Customers, Part I: FinFisher And
Read the rest
In my latest Guardian column, "The internet is the best place for dissent to start," I look at Ethan Zuckerman's recent talk on the Internet and human rights, and the way that cute cats create the positive externality of a place for dissent to begin and flourish, and look at the problems this causes:
Zuckerman's argument is this: while YouTube, Twitter, Facebook (and other popular social services) aren't good at protecting dissidents, they are nevertheless the best place for this sort of activity to start, for several reasons.
First, because when YouTube is taken off your nation's internet, everyone notices, not just dissidents. So if a state shuts down a site dedicated to exposing official brutality, only the people who care about that sort of thing already are likely to notice.
But when YouTube goes dark, all the people who want to look at cute cats discover that their favourite site is gone, and they start to ask their neighbours why, and they come to learn that there exists video evidence of official brutality so heinous and awful that the government has shut out all of YouTube in case the people see it.
The internet is the best place for dissent to start
Read the rest
On the CBC Ideas podcast, a lecture by Ethan Zuckerman on the connection between LOLcats, Internet activism and the Arab Spring:
In the 2011 Vancouver Human Rights Lecture, Ethan Zuckerman, director of the Center for Civic Media at MIT, looks at the "cute cat" theory of internet activism, and how it helps explain the Arab Spring. He discusses how activists around the world are turning to social media tools which are extremely powerful, easy to use and difficult for governments to censor. The Vancouver Human Rights Lecture is co-sponsored by the UBC Continuing Studies, the Laurier Institution, and Yahoo.
The Vancouver Human Rights Lecture - Cute Cats and The Arab Spring
Read the rest
The Electronic Frontier Foundation and Global Voices Advocacy have produced a guide for bloggers who believe that their work is liable to get them arrested or kidnapped by the authorities:
All bloggers should:
* Consider providing someone outside the country with the following information:
- Login credentials to your social media, email, and blog accounts
- Contact information of family members
- Information about any health conditions
* Regularly back up their blog, Facebook, email, and other accounts
* Consider mirroring your website if you want to ensure it remains up without your attention to it
* Encrypt sensitive files and consider hiding them on a separate drive
* Consider using tools like Identity Sweeper (for Android users) to secure/erase your mobile data
* Consider preparing a statement for release in case of arrest-- This can be helpful for international news outlets and human rights organizations
* Consider recording a short video identifying yourself (biographical info, scope of work) and the risks that you face and share with trusted contacts
* Develop contacts with human rights and free expression organizations*
* Think about a strategy/contingency plan for what to do if you're detained (see below)
For Bloggers at Risk: Creating a Contingency Plan
Read the rest
Update: Zainab is back home!
Carstenagger sez, "The blogger and human rights activist Zainab Alkhawaja has been detained since Thursday, December 15th, where she was detained after being teargassed while participating in a peaceful demonstration. Her husband and her father are imprisoned, her father sentenced to life in prison and allegedly hideously tortured. Zainab is in *great danger* of being tortured, given the present climate in Bahrain. Zainab is a very courageous activist, which prompted NY Times reporter Nicholas Kristof to tweet: 'I suggest that Bahrain officials avoid torturing and imprisoning @AngryArabiya. Some day she could be their president.' Here is how YOU can help: Zainab is a Danish citizen. Our new Minister of Foreign Affairs is all too fond of photo ops with Hillary Clinton, but he will succumb to pressure and hopefully create a diplomatic incident to protect one of his citizens. Please drop him a line on email@example.com and express your concern for Zainab Alkhawaja and ask him to use his influence to demand her release [Ed: see above -- she's back home]."
Dansk aktivist anholdt i Bahrain
Read the rest
In TIME magazine's 2011 Person of the Year issue, this cover by artist
Shepard Fairey, portraits of more than 50
protestors from around the world, and an essay by Kurt Andersen:
Massive and effective street protest' was a global oxymoron
until-suddenly, shockingly-starting exactly a year ago, it became the
defining trope of our times. And the protester, once again, became a maker
of history....The stakes are very different in different places. In North
America and Europe, there are no dictators, and dissidents don't get
tortured. Any day that Tunisians, Egyptians or Syrians occupy streets and
squares, they know that some of them might be beaten or shot, not just
pepper-sprayed or flex-cuffed. The protesters in the Middle East and North
Africa are literally dying to get political systems that roughly resemble
the ones that seem intolerably undemocratic to protesters in Madrid,
Athens, London and New York City.
"Protester" is an interesting choice of language. "Activist," or "Occupier" if the focus is on America, would have also been apt.
The related "Runner-up" interview with Ai Weiwei is a great read, too. I was surprised not to see Julian Assange or Steve Jobs mentioned in this annual foo-fah; their lives and work certainly had an impact (though neither is a simple hero in my book). The former Apple CEO, who died this year after a long battle with cancer, isn't mentioned at all.
What do you think? Read the rest
[Video Link, warning: graphic content.] Reuters reports: "Cairo police fought protesters demanding an end to army rule for a third day on Monday and morgue officials said the death toll had risen to 33, with many victims shot in the worst violence since the uprising that toppled President Hosni Mubarak."
Below: Gotta love the cotton candy vendors who are still out there, peddling their fluffy pink wares, even as tear gas and live ammo are deployed against protesters by the military police.
Read the rest
Taghi Amirani, who's running a Kickstarter for a documentary called "We Are Many," writes, "The film is about the global protest movement linking the massive global Iraq War protests of Feb 15 2003 to the Arab Spring and now the Occupy movement. It tells the remarkable story of people power taking center stage. Actor and activist Danny Glover is a contributor and Executive Producer. Jesse Jackson and Brain Eno are featured. And writer of The Rocky Horror Show Richard O'Brien has become our biggest donor so far."
We will bring you the real story, the people's story, including interviews with those whose protest experiences catapulted them into founding 'people powered' campaigning movements. Most of the people who helped create the biggest human gathering ever seen in one day are unknown ordinary people reaching for the extraordinary.
We will demonstrate the remarkable links between the 2003 protests and the Arab Spring, as well as with the occupation of cities across Europe, and now in America too. The Occupy Movement in America and rest of the world is the latest chapter of one of the great untold stories of people power. Our cameras are there to capture the historic moments.
We Are Many
Read the rest
Tunisian Facebook users have plastered Obama's Facebook page with thousands of messages in support of the Occupy movement:
Among the comments, Tunisian Facebook users circulated “Arab Spring” jokes, such as: “Tunisia is the first country to recognize the American Transitional National Council,” referring the revolutionary upheaval in Libya and the global recognition of the Libyan transitional council.
The Facebook users described it as a “virtual surprise attack” on. Many of the recent entries on his 2012 presidential campaign page were bombarded with as many as 20,000 comments each.
“Tunisian people are calling the U.S. authorities to respect freedom of expression and not to resort repression and assault on the rights of American citizens,” read one comment, which was reposted by several users.
Another comment read: “Tunisian people denounce violations against the American people by the security forces, which affect the freedom of expression.”
Tunisians poke fun at Obama in assault on his Facebook page
(Image: Occupy Philadelphia || Oct 6, 2011, a Creative Commons Attribution (2.0) image from janeanger's photostream)
Read the rest
"Alaa’s detainment proved to be a lot tougher than I had initially hoped for. It’s a wake up call for the expensive price of freedom, and it makes one value the struggle on the one hand, but curse the incomprehensible cost on the other. I just didn’t think that the news of Alaa in military prison would affect me so strongly. But it did. As it will, when he’s released. And as it will, when our fight reaches victory."—Tarek Shalaby
. Read the rest