TAG | censorship
Wired reports on a move by the Japanese government to ask websites to block users who “abuse” TOR.
I assume that TOR is being used as an example, and it would apply to any secure privacy tool.
The interesting question is whether this is simply a foot in the door on the way to banning anonymity, or at least making its use evidence of evil intent.
Currently, public privacy services make little effort to hide themselves. Traffic from them is easily detected as being from an anonymity system. If blocking becomes common, many systems may start implementing more effective stealth systems, which would make filtering anonymity for security reasons even harder.
It appears that China recently launched a poorly executed Man in the Middle (MITM) attack on GitHub.
GitHub.com is an https only website, so the only way to monitor it is to use a MITM attack to decrypt the contents of the communications. There is evidence that GitHub is widely used in China for code sharing, so the backlash from blocking it completely was too large, and it was unblocked a few days later.
The attack happened on January 26. It was poorly executed in that the faked certificate did not match the real one in any of the meta-data and it was not signed by a recognized certificate authority. This caused most browsers to report a security error. The MITM attack only lasted about an hour.
Based on reports it only impacted users in China, which strongly suggests that it was government backed at some level. My work in censorship circumvention over the years has shown that China is far from monolithic. This could have been the work of a local government or regional ISP. I have not seen an analysis showing if this was country wide or not. It seems very ham fisted for the central government.
The speculated reason for the attack is to monitor access to a list of people who have been involved in creating the Great Firewall of China, which is hosted on GitHub, and is connected to a petition on Whitehouse.gov proposing that those people be denied entry to the US.
It looks like Syria is back on the Internet again.
I have not seen any indications of unusual atrocities the, so why the short outage?
Fast Company has a good article laying out the state of events regarding the Internet in Syria.
Here is the short version. Syria has changed tactics from keeping the Internet available but highly monitored and surveilled, to turning off apparently absolutely all Internet connectivity within the country.
Syria was unique in its cyber response to their Arab Spring uprisings. Rather than lock down the Internet, they actually un-blocked some popular social media sites. They did this because of the incredible surveillance capabilities this makes possible. Business Week has a nice story on this aspect.
The change of face would seem to have a few possible reasons.
1) Dissident tactics like encryption are making the surveillance less effective.
2) The damage from dissident publishing is greater than the value of the intelligence.
3) The Syrian government is about to do something really nasty and they want to make it very hard to report about it.
We shall see. The fact that the Syrian government appears to have turned off even its own Internet access suggests that they are worried about any leaks through the wall, which makes reason 3 seem more probable.
The number of information requests coming to Google from governments around the world is growing fast. It is up 55% for the first half of 2012 vs. the first half of 2010. The linked article has some nice graphs showing the trend.
It is interesting to note that the US leads the world with over a third of the total requests, followed by India then Brazil.
The other even faster trend is in takedown requests. Since they are s search engine, not a host, this is really pure censorship. It is up 88% between the first half of 2011 and the first half of 2012. That is a true hockey stick. A lot of it appears to be trying to suppress criticism of government or government activities.
The more such information is gathered, the more important it is to take control of your own personal privacy.