Entries Tagged "censorship"

Page 4 of 7

Nationalism on the Internet

For technology that was supposed to ignore borders, bring the world closer together, and sidestep the influence of national governments, the Internet is fostering an awful lot of nationalism right now. We’ve started to see increased concern about the country of origin of IT products and services; U.S. companies are worried about hardware from China; European companies are worried about cloud services in the U.S; no one is sure whether to trust hardware and software from Israel; Russia and China might each be building their own operating systems out of concern about using foreign ones.

I see this as an effect of all the cyberwar saber-rattling that’s going on right now. The major nations of the world are in the early years of a cyberwar arms race, and we’re all being hurt by the collateral damage.

A commentator on Al Jazeera makes a similar point.

Our nationalist worries have recently been fueled by a media frenzy surrounding attacks from China. These attacks aren’t new—cyber-security experts have been writing about them for at least a decade, and the popular media reported about similar attacks in 2009 and again in 2010—and the current allegations aren’t even very different than what came before. This isn’t to say that the Chinese attacks aren’t serious. The country’s espionage campaign is sophisticated, and ongoing. And because they’re in the news, people are understandably worried about them.

But it’s not just China. International espionage works in both directions, and I’m sure we are giving just as good as we’re getting. China is certainly worried about the U.S. Cyber Command’s recent announcement that it was expanding from 900 people to almost 5,000, and the NSA’s massive new data center in Utah. The U.S. even admits that it can spy on non-U.S. citizens freely.

The fact is that governments and militaries have discovered the Internet; everyone is spying on everyone else, and countries are ratcheting up offensive actions against other countries.

At the same time, many nations are demanding more control over the Internet within their own borders. They reserve the right to spy and censor, and to limit the ability of others to do the same. This idea is now being called the “cyber sovereignty movement,” and gained traction at the International Telecommunications Union meeting last December in Dubai. One analyst called that meeting the “Internet Yalta,” where the Internet split between liberal-democratic and authoritarian countries. I don’t think he’s exaggerating.

Not that this is new, either. Remember 2010, when the governments of the UAE, Saudi Arabia, and India demanded that RIM give them the ability to spy on BlackBerry PDAs within their borders? Or last year, when Syria used the Internet to surveil its dissidents? Information technology is a surprisingly powerful tool for oppression: not just surveillance, but censorship and propaganda as well. And countries are getting better at using that tool.

But remember: none of this is cyberwar. It’s all espionage, something that’s been going on between countries ever since countries were invented. What moves public opinion is less the facts and more the rhetoric, and the rhetoric of war is what we’re hearing.

The result of all this saber-rattling is a severe loss of trust, not just amongst nation-states but between people and nation-states. We know we’re nothing more than pawns in this game, and we figure we’ll be better off sticking with our own country.

Unfortunately, both the reality and the rhetoric play right into the hands of the military and corporate interests that are behind the cyberwar arms race in the first place. There is an enormous amount of power at stake here: not only power within governments and militaries, but power and profit amongst the corporations that supply the tools and infrastructure for cyber-attack and cyber-defense. The more we believe we are “at war” and believe the jingoistic rhetoric, the more willing we are to give up our privacy, freedoms, and control over how the Internet is run.

Arms races are fueled by two things: ignorance and fear. We don’t know the capabilities of the other side, and we fear that they are more capable than we are. So we spend more, just in case. The other side, of course, does the same. That spending will result in more cyber weapons for attack and more cyber-surveillance for defense. It will result in more government control over the protocols of the Internet, and less free-market innovation over the same. At its worst, we might be about to enter an information-age Cold War: one with more than two “superpowers.” Aside from this being a bad future for the Internet, this is inherently destabilizing. It’s just too easy for this amount of antagonistic power and advanced weaponry to get used: for a mistaken attribution to be reacted to with a counterattack, for a misunderstanding to become a cause for offensive action, or for a minor skirmish to escalate into a full-fledged cyberwar.

Nationalism is rife on the Internet, and it’s getting worse. We need to damp down the rhetoric and-more importantly-stop believing the propaganda from those who profit from this Internet nationalism. Those who are beating the drums of cyberwar don’t have the best interests of society, or the Internet, at heart.

This essay previously appeared at Technology Review.

Posted on March 14, 2013 at 6:11 AMView Comments

China Now Blocking Encryption

The “Great Firewall of China” is now able to detect and block encryption:

A number of companies providing “virtual private network” (VPN) services to users in China say the new system is able to “learn, discover and block” the encrypted communications methods used by a number of different VPN systems.

China Unicom, one of the biggest telecoms providers in the country, is now killing connections where a VPN is detected, according to one company with a number of users in China.

EDITED TO ADD (1/14): Some interesting blog comments from an American living and working in China.

Posted on December 20, 2012 at 6:32 AMView Comments

IT for Oppression

I’ve been thinking a lot about how information technology, and the Internet in particular, is becoming a tool for oppressive governments. As Evgeny Morozov describes in his great book The Net Delusion: The Dark Side of Internet Freedom, repressive regimes all over the world are using the Internet to more efficiently implement surveillance, censorship, and propaganda. And they’re getting really good at it.

For a lot of us who imagined that the Internet would spark an inevitable wave of Internet freedom, this has come as a bit of a surprise. But it turns out that information technology is not just a tool for freedom-fighting rebels under oppressive governments, it’s also a tool for those oppressive governments. Basically, IT magnifies power; the more power you have, the more it can be magnified in IT.

I think we got this wrong—anyone remember John Perry Barlow’s 1996 manifesto?—because, like most technologies, IT technologies are first used by the more agile individuals and groups outside the formal power structures. In the same way criminals can make use of a technological innovation faster than the police can, dissidents in countries all over the world were able to make use of Internet technologies faster than governments could. Unfortunately, and inevitably, governments have caught up.

This is the “security gap” I talk about in the closing chapters of Liars and Outliers.

I thought about all these things as I read this article on how the Syrian government hacked into the computers of dissidents:

The cyberwar in Syria began with a feint. On Feb. 8, 2011, just as the Arab Spring was reaching a crescendo, the government in Damascus suddenly reversed a long-standing ban on websites such as Facebook, Twitter, YouTube, and the Arabic version of Wikipedia. It was an odd move for a regime known for heavy-handed censorship; before the uprising, police regularly arrested bloggers and raided Internet cafes. And it came at an odd time. Less than a month earlier demonstrators in Tunisia, organizing themselves using social networking services, forced their president to flee the country after 23 years in office. Protesters in Egypt used the same tools to stage protests that ultimately led to the end of Hosni Mubarak’s 30-year rule. The outgoing regimes in both countries deployed riot police and thugs and tried desperately to block the websites and accounts affiliated with the revolutionaries. For a time, Egypt turned off the Internet altogether.

Syria, however, seemed to be taking the opposite tack. Just as protesters were casting about for the means with which to organize and broadcast their messages, the government appeared to be handing them the keys.

[…]

The first documented attack in the Syrian cyberwar took place in early May 2011, some two months after the start of the uprising. It was a clumsy one. Users who tried to access Facebook in Syria were presented with a fake security certificate that triggered a warning on most browsers. People who ignored it and logged in would be giving up their user name and password, and with them, their private messages and contacts.

I dislike this being called a “cyberwar,” but that’s my only complaint with the article.

There are no easy solutions here, especially because technologies that defend against one of those three things—surveillance, censorship, and propaganda—often make one of the others easier. But this is an important problem to solve if we want the Internet to be a vehicle of freedom and not control.

EDITED TO ADD (12/13): This is a good 90-minute talk about how governments have tried to block Tor.

Posted on November 30, 2012 at 5:23 AMView Comments

Blue Coat Products Enable Web Censorship in Syria

It’s illegal for Blue Coat to sell its technology for this purpose, but there are lots of third-parties who are willing to act as middlemen:

“Blue Coat does not sell to Syria. We comply with US export laws and we do not allow our partners to sell to embargoed countries,” [Blue Coat spokesman Steve] Schick told the Bureau. “In addition, we do not allow any of our resellers, regardless of their location in the world, to sell to an embargoed country, such as Syria.”

However, Schick did not rule out the possibility that the equipment could have been bought via a third party re-seller, noting that Blue Coat equipment can be found on websites like eBay.

Bet you anything that the Syrian Blue Coat products are registered, and that they receive all the normal code and filter updates.

EDITED TO ADD (11/14): The Wall Street Journal confirms it:

The appliances do have Blue Coat service and support contracts. The company says it has now cut off contracts for the devices.

Posted on October 24, 2011 at 1:39 PMView Comments

Tor Arms Race

Iran blocks Tor, and Tor releases a workaround on the same day.

How did the filter work technically? Tor tries to make its traffic look like a web browser talking to an https web server, but if you look carefully enough you can tell some differences. In this case, the characteristic of Tor’s SSL handshake they looked at was the expiry time for our SSL session certificates: we rotate the session certificates every two hours, whereas normal SSL certificates you get from a certificate authority typically last a year or more. The fix was to simply write a larger expiration time on the certificates, so our certs have more plausible expiry times.

Posted on September 26, 2011 at 6:41 AMView Comments

Telex Anti-Censorship System

This is really clever:

Many anticensorship systems work by making an encrypted connection (called a “tunnel”) from the user’s computer to a trusted proxy server located outside the censor’s network. This server relays requests to censored websites and returns the responses to the user over the encrypted tunnel. This approach leads to a cat-and-mouse game, where the censor attempts to discover and block the proxy servers. Users need to learn the address and login information for a proxy server somehow, and it’s very difficult to broadcast this information to a large number of users without the censor also learning it.

Telex turns this approach on its head to create what is essentially a proxy server without an IP address. In fact, users don’t need to know any secrets to connect. The user installs a Telex client app (perhaps by downloading it from an intermittently available website or by making a copy from a friend). When the user wants to visit a blacklisted site, the client establishes an encrypted HTTPS connection to a non-blacklisted web server outside the censor’s network, which could be a normal site that the user regularly visits. Since the connection looks normal, the censor allows it, but this connection is only a decoy.

The client secretly marks the connection as a Telex request by inserting a cryptographic tag into the headers. We construct this tag using a mechanism called public-key steganography. This means anyone can tag a connection using only publicly available information, but only the Telex service (using a private key) can recognize that a connection has been tagged.

As the connection travels over the Internet en route to the non-blacklisted site, it passes through routers at various ISPs in the core of the network. We envision that some of these ISPs would deploy equipment we call Telex stations. These devices hold a private key that lets them recognize tagged connections from Telex clients and decrypt these HTTPS connections. The stations then divert the connections to anti­censorship services, such as proxy servers or Tor entry points, which clients can use to access blocked sites. This creates an encrypted tunnel between the Telex user and Telex station at the ISP, redirecting connections to any site on the Internet.

EDITED TO ADD (8/1): Another article.

EDITED TO ADD (8/13): Another article.

Posted on July 19, 2011 at 9:59 AMView Comments

Details Removed from Book at Request of U.S. Department of Defense

From the AFP:

A publisher has agreed to remove US intelligence details from a memoir by a former army officer in Afghanistan after the Pentagon raised last-minute objections, officials said Friday.

The book, “Operation Dark Heart,” had been printed and prepared for release in August but St. Martin’s Press will now issue a revised version of the spy memoir after negotiations with the Pentagon, US and company officials said.

In an unusual step, the Defense Department has agreed to reimburse the company for the cost of the first printing, spokesman Colonel Dave Lapan told AFP.

The original manuscript “contained classified information which had not been properly reviewed” by the military and US spy agencies, he said.

St. Martin’s press will destroy copies from the first printing with Pentagon representatives observing “to ensure it’s done in accordance with our standards,” Lapan said.

The second, revised edition would be ready by the end of next week, said the author’s lawyer, Mark Zaid.

EDITED TO ADD (9/30): An analysis of the redacted material—obtained by comparing the two versions—is amusing.

Posted on September 23, 2010 at 7:19 AMView Comments

1 2 3 4 5 6 7

Sidebar photo of Bruce Schneier by Joe MacInnis.