One of the most exciting aspects of working on Internet technologies is how quickly the tools you build can spread to millions of users worldwide. It's a heady experience, one that has occurred time and again here in Silicon Valley. But there's also responsibility that attaches to that excitement. For every hundred thousand cases in which a tool improves someone's day, there is another case in which it's used in a life-or-death situation. And for online journalists working on high-risk material, or in high-risk places, that life may be their own or that of a source. That's why CPJ, together with Alexey Tikhonov from Kazakhstan's Respublika, Esra'a al-Shafei from the pan-Arab forum MidEast Youth, and activist Rami Nakhle from Syria, spent this week visiting and meeting with technologists, entrepreneurs, and thinkers in Silicon Valley.
Committee to Protect Journalists
CPJ Internet Channel
Defending Free Expression Online
September 2011 Archives
As we've reported before, there's strong evidence that forces with widespread access to Iran's internet infrastructure have been engaged in large-scale surveillance of https traffic in July and August, certainly of Google traffic, and perhaps many more websites, including Facebook and Yahoo!
If you used the Internet in Iran during this period you should, at the very least, change your passwords, and log out, then log back into, any services you use.
A fuller explanation of what happened, and what to do about, written in Farsi, is available from Google's Persian Blog. "DigicomV" on YouTube has also posted some Farsi-language videos explaining the attack.
Thanks to Katrin at MobileActive for these links.
In August, Google introduced a new, if rather obscure, security feature to its Chrome web browser, designed to be triggered only under extreme circumstances.
If you were talking to Google's servers using the web's secure "https" protocol, your browser makes a number of checks to ensure that you are really talking to Google's servers. Like an overly obsessive bouncer, the new code double-checks the identity of any supposed Google site against a Chrome-only list of valid Google identities hardwired into the browser.
Subscribe
The CPJ Internet Channel examines the battle for free expression online. It’s written by Danny O’Brien, CPJ’s San Francisco-based Internet advocacy coordinator.
