Behind Blue Coat: Investigations of commercial filtering in Syria and Burma documents Citizen Lab research into the use of Blue Coat technology in countries under the rule of authoritarian regimes. This research identifies additional devices in use in Syria and describes attempts to obfuscate the use of these devices.

The report also documents the use of Blue Coat devices in Burma. Evidence indicates that these devices are actively in use in Burma and are being used to filter Internet content and facilitate surveillance. Given that Burma, like Syria, is also under strict U.S. trade sanction, the use of technology developed by a U.S. firm to restrict free expression and facilitate surveillance is troubling.

The Citizen Lab calls on Blue Coat to investigate these claims and take action to prevent the further use of its technology in Syria and Burma.

Agents of the East German Stasi could only have dreamed of the sophisticated electronic equipment that powered Col. Muammar el-Qaddafi’s extensive spying apparatus, which the Libyan transitional government uncovered earlier this week. The monitoring of text messages, e-mails and online chats — no communications seemed beyond the reach of the eccentric colonel.

What is even more surprising is where Colonel Qaddafi got his spying gear: software and technology companies from France, South Africa and other countries. Narus, an American company owned by Boeing, met with Colonel Qaddafi’s people just as the protests were getting under way, but shied away from striking a deal. As Narus had previously supplied similar technology to Egypt and Saudi Arabia, it was probably a matter of public relations, not business ethics.

For the full article, see here.

Majority-Muslim countries regularly engage in faith-based censorship of the Internet, according to a new report by prominent watchdog group, The OpenNet Initative. The study, written by Helmi Noman, examined 15 states and territories. Out of these, 14 blocked sites that were considered to be critical of Islam and five blocked “liberal, secular, and atheistic comment.”

The report, titled In the Name of God, primarily examined Middle Eastern and South Asian states and territories. Some countries, such as Pakistan, Saudi Arabia, and Iran, were also found to be enthusiastically blocking religious websites catering to faith minorities such as the Ba’hai’s and Ahmadiyyas. The Ahmadiyyas, an Islamic sect who believe the messiah arrived in the 19th century, are persecuted in Pakistan and prohibited from calling themselves Muslims.

Fatwas by clerics closely tied to national governments have targeted software developers and ISPs. Saudi Arabia’s state Standing Committee for Issuing Fatwas recently declared the operation of Internet cafes to beharam (forbidden) if the computers inside were used for “false and evil ends,” and the Grand Mufti of Dubairecently demanded that Dubai block access to pro-atheism websites. It is not known whether Dubai took him up on the request.

For the full article, see here.

Internet service providers who quietly play favorites, beware. If Dan Kaminsky has his way, your days of sneaky filtering are numbered.

At the Black Hat security conference in Las Vegas Wednesday, Kaminsky released a free software tool for detecting when an Internet service provider (ISP) is artificially slowing down or speeding up traffic to and from a website, a program the well-known security researcher is calling N00ter, or “neutral router.”

“How do you detect subtle violations in network neutrality? How do you detect biased networks?” Kaminksy asks. “I’m here as an engineer to tell you that we will find you out. And we will find out in a way that’s incontrovertible.”

For the full article, see here.

Anti-censorship campaigners compared the plan to China’s notorious system for controlling citizens’ access to blogs, news websites and social networking services.

The proposal emerged an obscure meeting of the Council of the European Union’s Law Enforcement Work Party (LEWP), a forum for cooperation on issues such as counter terrorism, customs and fraud.

“The Presidency of the LEWP presented its intention to propose concrete measures towards creating a single secure European cyberspace,” according to brief minutes of the meeting.

The secure European cyberspace would have a “virtual Schengen border”, it adds, referring to the treaty that allows freedom of movement within the EU but imposes controls on entry to the bloc.

There would also be “virtual access points” whereby “the Internet Service Providers would block illicit contents on the basis of the EU ‘black-list’”, the proposal says.

The closed meeting was held in February, but the minutes have only gained attention this week after being published online.
Malcolm Hutty, head of public affairs at LINX, a cooperative of British ISPs, said the plan appeared “ill thought-out” and “confused”.

“We take the view that network level filtering of the type proposed has been proven ineffective,” he said.

Broadband providers say that illegal content should be removed at the source by cooperation between police and web hosting firms because network blocking can easily be circumvented.

Glyn Moody, a prominent advocate of openness online, said: “They only have to look at how porous the Great Firewall of China is – something that has been created and honed by experts with huge resources.

“They seem completely oblivious of the implications of their daft plan: the imposition of Europe-wide censorship.”

Hungary currently holds the Presidency of the Council of the European Union, but attempts to contact its spokesmen in Brussels for more information, such as the definition of “illicit contents”, were unsuccessful.

A spokesman for the Council of the European Union itself meanwhile said nobody was available to discuss the issue because officials are on holiday.

JAKARTA—BlackBerry maker Research In Motion Ltd. said Thursday it has started Internet filtering on its smartphones in Indonesia just ahead of a pending deadline, the first such move in any country.

Indonesia had set a Friday deadline for RIM to begin blocking porn websites.

The Indonesian government since last year has been telling Internet service providers in the country to block customers from viewing websites with pornographic material. The move put pressure on RIM, as the company is known, to install filters by a Friday deadline.

“RIM is now in the process of implementing an Internet content-filtering solution that addresses our carrier partners’ regulatory obligations in Indonesia. …We are pleased to have implemented the solution in advance of the date requested by the ministry,” the Waterloo, Ontario, company said.

In response, Indonesian Communication Minister Tifatul Sembiring—who has been at the forefront of the government’s efforts to clamp down on pornography—said on his Twitter account; “Thank God RIM has complied with Indonesian regulations. Pornography has been blocked. Please go ahead with business as usual in compliance with the law.”

The move could resolve one of a number of conflicts RIM has found itself in with other governments. In most cases, the source of contention is BlackBerry message encryption.

A prospective customer checked Blackberry phones at a Blackberry store in Mumbai.

In India, for instance, the government has said it fears that encryption makes RIM’s smartphones convenient for terrorists to use undetected.

The Indian government has been holding talks with the Canadian company on ways to allow monitoring of RIM’s corporate-email services. Last week, RIM provided tools for Indian security agencies to access messenger services, another feature that under government scrutiny.

RIM said in a statement Thursday that talks with the Indian government are “ongoing and positive,” following local media reports of problems with the negotiations.

“We continue to work with the government of India toward mutually agreed objectives within the framework of RIM’s publicly stated principles,” the company said, adding, “we remain focused on our commitment to India and our strong growing customer base.”

Access issues

Countries where RIM has faced troubles in the past year:

India/Turkey: The government has sought access to data on RIM’s secure networks, fearing that encryption makes them convenient for terrorists.
United Arab Emirates/Saudi Arabia: RIM averted a ban on key BlackBerry services after regulatory requirements were met.
Kuwait: The government wants greater ability to monitor BlackBerry communications in the interest of national security.
Indonesia: The government asked RIM to block customers from viewing websites with pornographic material. RIM said it will comply.
Source: Dow Jones Newswires
Both India and Indonesia are crucial markets for RIM. Analysts estimate BlackBerry users in Indonesia top two million, while the number in India easily exceeds one million.

RIM currently has more than 55 million subscribers globally but is betting on emerging markets to further growth.

RIM also has been under pressure in the United Arab Emirates and Saudi Arabia to provide access to data on its secure networks. The company averted a ban on key BlackBerry services in both after the countries said regulatory requirements had been satisfied. The encryption is central to the company’s appeal to corporate customers, which say that secure communications are necessary.

—R. Jai Krishna in New Delhi contributed to this article.

That is why promoting Internet access and freedom is a foreign policy priority for the Obama administration. The State Department is devoting an increasing amount of time, attention and resources to promoting Internet freedom, boosting online access across the developing world and training civil society activists in online organizing. In short, The Post’s assertion that we are doing “next to nothing” — on the basis of a single funding decision — couldn’t be further from the truth.

Michael Posner and Alec Ross,

Washington

Michael Posner is assistant secretary of state for democracy, human rights and labor. Alec Ross is senior adviser for innovation in the Office of the Secretary of State.

Rafal Rohozinski is a co-founder and principal investigator of the Information Warfare Monitor and the OpenNet Initiative, where he directs a network of field-based staff in Asia, the CIS and Middle East. Rafal has 18 years of field-based experience working in an operational and advisory capacity in 37 countries.

In this interview with Network Security.org, Rafal discusses international surveillance and filtering issues.

Based on what criteria does the OpenNet Initiative select a country to analyze? What does the process look like?

We were among the first to document the emergence of censorship patterns. This began with a series of experiments carried out in 2002 at The Citizen Lab (University of Toronto) and Harvard which probed the Chinese and Saudi Arabia firewall systems. That work evolved into the OpenNet initiative.

Over the years we’ve developed a sophisticated and robust testing protocol that fuses data that we generate through technical testing and information we gather from our partners around the world. We currently have a networks of partners in over 95 countries. Basically, the process of determining where to test is quite simple and straightforward. We learn about Internet censorship either by monitoring official government declarations (that they intend to censor), such as in Saudi Arabia, China, Burma and elsewhere.

Alternatively, we pick up reports from our network of partners and or others, including human rights groups, reporters sometimes even ordinary citizens who complain that certain content or services are no longer available. We have developed a number of deployable software tools which allow us to verify whether or not censorship is taking place. These tools are quite accurate, and often will tell us not just if blocking this occurred, but how it is occurring and at what segment of the Internet.

We generally test across several ISPs in one country, which then allows us to determine whether there is a consistency in censorship behavior, and whether the process is centralized, or decentralize to each individual ISP. In some countries, we’ve now found that governments prefer to use offensive means to silence websites rather than resorting to filtering. But this we mean denial of service attacks, the use of $.50 brigades to overwhelm websites with comments and messages, are sometimes just simply disconnecting the resource by tampering with the DNS or physically pulling its connection (if it happens to be located within the state’s jurisdiction). In these cases, we generally engage in more in-depth investigations to understand exactly how these activities are sanctioned, and who carries them out. In some cases this involves sending researchers to work in these countries for an extended period of time.

How can you be certain that the information you’re using as the basis for your research is indeed correct and complete? From what kind of sources do you obtain the information?

We use two separate lists of URLs and Internet resources in our testing process: The global list which is run in all countries in which we test i used as a means of determining whether blocking takes place, and what categories of content are included. It is also highly useful as a way of determining whether a country is using a commercial censorship product, as these usually employ standardized lists were certain URLs will always be blocked. In some cases, the global list has allowed us to fingerprint the exact product being used.
The second list we use is called a local list and it contains URLs of sites and Internet resources that allegedly are blocked in the country. We supplement this list with other URLs which we obtain from other sources, sometimes people within the governments who are involved in censorship itself. We also do a lot of research to identify sites that could potentially be blocked, and may not be available within the country and therefore not noticed by our in-country partners. In general, we strive to be as comprehensive as possible but of course we can’t say that we catch 100% of all blocked content. Rather I’d characterize our tests as being highly representative of the kind of content that is being blocked.

What are the countries with the most Internet censorship and which ones leave their communication channels open?

There is no black and white characterization anymore. In fact, in recent years we have seen a move towards Internet regulation in just about every country under observation. The difference between censorship and regulation is a narrow one, and usually defined by the degree to which the activity is regulated by law, and the recourse that citizens have in being able to challenge content which is subject to censorship.

In countries like China, Vietnam, and Burma, there is very little recourse for citizens to appeal content which is being deemed unacceptable. In Uzbekistan the actual censor lists are considered secret and the practice of censorship is denied by the government (even though content is censored quite heavily). North America and Europe are still very much open, however, even their we’ve seen the rise of content controls, and more seem ready to be put in place in the coming years. Banning some content, such as child pornography is of course legitimate. Other types of content, such as “terrorist content”, is problematic as there is no proper legal definition and the term is open to broad interpretation. The trouble with content control is that once you start regulating you set a precedent that is difficult to stop.

One of the more interesting things we’ve observed in recent years has been the emergence of “third-generation controls”. This form of content control stops short of censorship, but rather sees the state (and pro-state groups) engage in active information warfare against their opponents. They use denial of service attacks, and other techniques in order to silence opposition. This approach is interesting, as it allows the state to claim that it is not censoring groups, but the effect is the same. Of course, there is no legal recourse to challenge these practices.
How do the United States compare to Europe in regards to surveillance and filtering?

Certainly there seems to be more momentum these days towards regulation in Europe. This is prompted by concerns over child welfare and exploitation, and also the perceived danger from radical militant groups. Europe also tends to be more of a surveillance society, particularly the UK. In the US, censorship is more difficult to implement if for no other reason than the court systems offer greater protections for freedom of speech. However, in both places surveillance is on the rise particularly as law-enforcement agencies become more adept to working in the cyber domain. There is also a lot of public pressure to enact laws and measures that will help you deal with what is seen as a rising tide of cybercrime. The cyber security agenda may lead to a new tighter content controls, and greater surveillance all around.

We’ve actually taken steps to engage in the cyber security agenda by creating a company that will provide tools and the device to this community (initially in Canada, as that is where the Citizen Lab and SecDev are currently domiciled). We realize that we can’t simply be bystanders to this process. If we believe that openness really is a better path, then we have to make sure that we address the legitimate concerns of policy makers and law enforcement agencies by providing them with tools that are relevant to policing in the cyber domain without necessarily resorting to tactics that potentially lead to abuse – first and foremost censorship and unnecessary surveillance.

What advice would you give to Internet users that live in a country that employs strong filtering?

If it is a democratic country where there is still recourse for citizens to challenge public policy, then I would urge them to organize with others to demand transparency over the process by which content is deemed unacceptable, and ensure that it remains open and publicly accountable. For those living in authoritarian country where these possibilities do not exist, the calculus becomes more difficult, and really one of individual choice. While it is easy for me to preach the virtues of an open Internet from Canada, it’s another thing to live in a country where the activity itself may lead to dire consequences, including jail or worse. For most people, that risk may be unacceptable. However, for those for whom the principle of freedom of information is something they are willing to take risks for, there are plenty of good solutions such as Psiphon that will give them access to the Internet while minimizing the risk.

An anonymous reader writes "Help Net Security is running an interview with Rafal Rohozinski, a founder and principal investigator of the OpenNet Initiative, which investigates, exposes and analyzes Internet filtering and surveillance practices all over the world. Rafal provides insight on the process of assessing the state of surveillance and filtering in a particular country and discusses differences related to these issues in several regions, touching especially the United States and Europe. In the US, censorship is more difficult to implement if for no other reason than the court systems offer greater protections for freedom of speech. However, in both places surveillance is on the rise particularly as law-enforcement agencies become more adept at working in the cyber domain."