Sunday, June 28, 2009

Cyber-communications: "Control, Halt, Delete."

"User ID: a police officer checks registrations at an internet café in Xuchang, central China. From next month, Beijing wants new computers to be installed with extra controls." Check out the little rat bastard in the back with the camera.

Interesting article in Financial Times found here. I know from anecdotal evidence that there are Threepers out there working on their hacking skills. We need more for, if, as and when. I would be interested to see some philosophical (and obviously hypothetical) discussion about legitimate targets in the event of a civil war sparked by government tyranny. For example, hacking a power grid to collapse it with predictable innocent casualties would, in my mind, be off limits. Hacking to get around government censorship and targeted cyber or EMP attacks on government databases on the other hand would be acceptable and even necessary.

Your thoughts?

Mike
III

Control, halt, delete

By Joseph Menn, Richard Waters and Kathrin Hille

Published: June 26 2009

This week, an open letter appeared on Chinese blogs and online bulletin boards. “Hello, internet censorship institutions of the Chinese government,” it said. “We are the anonymous netizens. We hereby decide that from July 1 2009, we will start a full-scale global attack on all censorship systems you control.”

Beijing’s attempts to manipulate the internet would, the message predicted, “soon be swept on to the rubbish pile of history”.

Chinese internet users, although skilled at dodging the censors, are angrier than they have ever been. The anonymous declaration of war is just one sign of the strains emerging as the global spread of internet access, and its embrace by activists of all stripes, triggers an unprecedented crackdown by national governments that threatens to transform the way hundreds of millions of people communicate.

China is trying to force censorship software on to every new personal computer, while Iran succeeded this week in virtually eliminating the spread over the internet of first-hand accounts from protests in the streets at the handling of its presidential election.

That stifling of web freedoms that many people around the world take for granted are being accompanied by more novel means of combating cyber opponents. Those methods range from directing stealthy technological attacks that shut down dissident websites to unleashing swarms of paid commentators to argue the government position on supposedly independent blogs.

Both carry the added attraction of deniability: many regimes are employing advanced repressive techniques that are hard to identify in action, let alone circumvent. At a time when new communication technologies, from text messaging to Twitter, promise to put greater power in the hands of the individual, these techniques are having a chilling effect. Internet experts from more open societies fear that this will lead to greater self-censorship by organisations and individuals, which they see as the most effective tool of all.

Even the optimists warn of setbacks. “In the end, the winners of the race are most likely to be citizens and activists who use these technologies for democratic purposes,” says John Palfrey of Harvard University, an authority on internet filtering. But he adds: “With respect to individual battles, the states that practise censorship and surveillance are winning some of them.”

The number of such states is in the dozens, researchers say. In Burma and Moldova, governments recently resorted to pulling the plug on mobile phone networks amid unrest magnified by text messages; in Uzbekistan, there is widespread suspicion of internet monitoring but few ways to prove it. That is despite the fact that a lot of the surveillance and security software in the hands of governments across the world comes from western suppliers. In what is by its nature among the most globalised of industries, technology companies are seeing a revenue boost from governmental interest in data mining, search and storage products, though they periodically draw fire from activists for assisting repressive states.

The most gripping evidence of the change at hand has come from Iran. The theocratic regime has been in a protracted struggle over the free flow of information and communication with many of its largely young urban populace since the day after this month’s disputed election.

Tehran has a decided advantage in that it runs the country’s leading internet service provider. Called DCI, it throttled back the amount of bandwidth available to its citizens so that web video traffic dropped by as much as 90 per cent and e-mail leaving the country fell by nearly as much.

Data assembled by Arbor Networks, a US internet security company, show the Iranian government was picking and choosing what types of traffic to let through and which parts of the net to leave unimpeded. Just as the security forces adjusted their response to counter the changing nature of the protests on the ground, Iran’s internet police changed which sites could be reached.

Facebook and other social networks were easy to block and fell quickly. Twitter, a web-accessible broadcasting service that can process messages from mobile phones, proved harder to take down without killing off all text messaging.

Activists proved agile at hopping from one medium to another. For more than a week, outsiders would send people in Iran the addresses of “open proxies”, computers outside the country set up to relay traffic. That way, Iranians could still reach sites they were blocked from accessing directly. But the authorities hunted down most of those proxies and cut off access. Finally, on Thursday, they killed most outgoing traffic, including Twitter blasts.

“It’s a big problem when a government is just willing to shut down communications,” says John Perry Barlow of the Electronic Frontier Foundation, a non-profit organisation based in San Francisco, who was helping dissidents get the word out. “If they do that, you’re down to smoke signals.”

Iran’s response evolved rapidly, aided by filtering technology in place long before the election. No country, though, has been as thoroughly policed through as many means as China, which has long been on the cutting edge of censorship.

Now, Beijing is trying to cement its control with a decree that from July 1, all computers sold in the country must come with a program called Green Dam/Youth Escort, which the government says will be used to block access to pornography sites.

Dell, Hewlett-Packard and other computer makers are protesting and have won the support of US trade officials, who are threatening to bring the matter to the World Trade Organisation.

“Green Dam will be a game-changer, if in fact it goes into effect,” says Harvard’s Mr Palfrey. “The desktop is the last bastion of personal freedom. It would change the way people use these devices in extraordinary ways.”

Beijing has for years blocked many sites by setting up filters on the country’s largest internet backbones, using a method nicknamed the Great Firewall of China.

The central government has more recently heaped additional blocking and monitoring responsibilities on to internet service providers, web companies and local censors, all of which have been upgrading the technology they use.

TRS, a Chinese supplier of internet security products, says growing numbers of police departments are replacing their traditional search engine-based efforts with state-of-the-art data mining applications, which are capable of analysing large bodies of information.

All this has its limits. “Controlling public networks is very, very difficult,” says Tony Yuan, chief executive of Netentsec, another Chinese security provider. “Bandwidth and traffic are huge, so normally you don’t have the computing power.”
But the latest effort by China’s central authorities takes them further still, to the PCs that stand at the edge of the network. It is not clear they will succeed.

The computer makers and US government are being joined in their opposition by security researchers who have identified flaws in Green Dam that could allow third parties to take control of PCs.

Even if the blanket order is delayed, circumvented or quietly forgotten, the Chinese government has already gained access to many PCs. Earlier this year, Beijing made the bundling of Green Dam a precondition for eligibility of PCs in its subsidy programme for PC sales to rural residents. In May, it ordered all schools to install the program. “I would estimate that we’re already looking at more than 10m computers in China with Green Dam installed,” says an executive at a Beijing internet portal company.

An estimated 300m Chinese have online access. Though the more determined among them are likely to find ways around Green Dam, many may not even try to defy the message of disapproval being sent by Beijing.

Some of the surveillance and censorship technology in Iran and China is home-grown but much of it is western. Nokia Siemens Networks, a joint venture between the two European companies, says, for example, that it was required to sell Iran equipment for monitoring phone calls as part of a contract for a communications network. Cisco has periodically come under fire for selling its routers to China but says the same equipment is used in both open and closed internet systems.

Under laws in the US and elsewhere, telecommunications companies must make it easy for law enforcement agencies to conduct authorised wiretaps – and equipment providers say they cannot shut that capability off depending on the customer.

Collection, in fact, is no longer so much the problem: analysing the masses of data is a bigger issue, as is massaging search technology to look for more than simple keywords that alarm officials, such as “Tibet” and “democracy”. That technology is becoming much better – spurred in part by the increasing global attention to cyber security. Notably, the US defence department this week approved a new military cyber command that will answer to the National Security Agency, which in recent years has been exposed for mining Americans’ e-mail without warrants.

Concerns about pernicious criminal software and “denial of service” attacks, which have shut government websites in Estonia and elsewhere with bombardments of useless data, have prompted further efforts to scrutinise internet traffic. But according to some researchers, technologies developed to counter insidious attacks such as these will only serve to advance the techniques of information control – to the eventual detriment of future mass revolts against oppressive political forces.

“If security starts becoming job one, then a lot of things being used by repressive states will become commercialised and normalised,” says Rafal Rohozinski, a founder of the OpenNet Initiative, which tracks filtering. “We’ll be doing the same thing as Iran, or using the same technologies. And that’s what I worry about.”

******************************************
STRONG-ARM TECHNIQUES
How curbs on net users work:
Internet filters
Method: Set up on the main conduits of the internet, known as backbones, these software filters block traffic from websites on a proscribed list.
Example: “Great Firewall of China”.

Deep packet inspection
Method: A layer of software that looks to identify the content of individual pieces of information, or “packets”. This can be used to read, store or block individual messages and connections to websites.
Example: Commercial providers including Phorm and NebuAd.

Denial of service attacks
Method: Large numbers of PCs bombard a website with requests, making it inaccessible to other users.
Example:Sites in Estonia and Georgia during conflicts with Russia.

Toeing the party line
Method: Some regimes recruit people to present their case online, sometimes paying them.
Example: “50-cent bloggers” in China.

Self-censorship
Method: Governments bring pressure on companies to restrict access to content. Bloggers must register.
Example:MSN Spaces, Microsoft’s blogging service in China, bans phrases including “human rights”.

Edge-of-network restrictions
Method: Censors push control to a more local level. Internet providers’ terms of service make them act as agents of the state. Restrictions at the edges of the network can reach all the way to curbs installed in PCs.
Example: China’s Green Dam/Youth Escort software.

7 comments:

Anonymous said...

Have you switched from Windows to Linux yet on your desktop? How do you know you don't already have a web-monitoring virus?

Have you switched to reading Sipsey Street via TOR?

http://en.wikipedia.org/wiki/Tor_(anonymity_network)

How about the Sipsey Street web site moving to a hidden service inside TOR, instead of using Google which cooperates with Chinese censorship?

How about all the regular readers who can leave their PCs on as TOR nodes?

Yes, it will take a significant investment in learning and preparation to make these changes, but it will not cost money.

Qi Ji Guang said...

QUOTE From next month, Beijing wants new computers to be installed with extra controls." QUOTE

Then, the people of China shall show them that they give NO SH*T about their "control" BS, by hacking through these new controls.

When I was in China I was amazed by the ease by which kids far younger than me were able fly above the government restrictions and firewalls.

DustoneGT said...

Most people in China limit their hacking to the circumvention of the censoring and monitoring.

The problem is that these VPN connections and encrypted tunneling communication technologies require that there is a free server somewhere to pass the data to the user.

I think we'll have to concentrate on other things because there will not be any free servers to connect to.

chris horton said...

I don't believe anything will be "off limits" should it come to that,bro.

CIII

ParaPacem said...

If memory serves, in one of our forays into Iraq, a hacker got into the Iraqi defense ministry's computers and installed a very specific virsu. It would seem to me that a hacker with sufficient skills could re-0direct anything - LEO directions, materiel coordination... there are many possibilities.

BTW - The Chinese caption of the photo above is:
Unlike the barbaric Western society's unsafe and unsupervised internet cafes, the People's Servants here in China provide armed security officers to guard each young surfer from nefarious persons! Also, each person is given a complimentary photographic memento of his or her visit to the People's Intenet Cafe, to treasure the memory of each special day. The Government even provides discreet escort service which follows the lucky surfers selected at random, all the way home from the Cafe upon departure, assuring their safe and timely arrival!"

2O said...

I believe your article has a great deal of potential and I found reading it a very pleasurable experience.

Charlie Q said...

Mike,
start keeping pigeons