Twitter
Facebook
Email Lists
DonateThe last few weeks have offered the strongest indications
yet that nation-states are using customized software to exploit security flaws
on personal computers and consumer Internet services to spy on their users. The
countries suspected include the United States, Israel, and China. Journalists
should pay attention--not only because this is a growing story, but because if
anyone is a vulnerable target, it's reporters.
Committee to Protect Journalists
CPJ Internet Channel
Defending Free Expression Online
Iran
CPJ Internet Channel
| Belarus, Burma, Cuba, Equatorial Guinea, Eritrea, Iran, North Korea, Saudi Arabia, Syria, Uzbekistan
One big reason for the Internet's success is its role as a universal standard, interoperable across the world. The data packets that leave your computer in Botswana are the same as those which arrive in Barbados. The same is increasingly true of modern mobile networks. Standards are converging: You can use your phone, access an app, or send a text, wherever you are.
At the launch of Google+, Google's attempt to create an integrated social network similar to Facebook, I wrote about the potential benefits and risks of the new service to journalists who use social media in dangerous circumstances.
Despite early promises of relatively flexible terms of service at Google+, the early days of implementation were full of arbitrary account suspensions - particularly of pseudonymous users - and the appeals process was unclear. The result was a lot of early bad press for the service from the traditional "first adopter" crowd, a framing it has subsequently struggled to escape.
Politically-related Iranian prosecutions often take place in near secrecy, with unclear charges morphing and changing over time. It doesn't get any easier to work out the motivations of prosecutors when the charges are connected to technology.
It's easy to use polarizing descriptions
of online news-gathering. It's the domain of citizen journalists, blogging without
pay and institutional support, or it's a sector filled with the digital works
of "mainstream media" facing financial worries and struggling to offer employees
the protection they once provided. But there is a growing middle ground:
trained reporters and editors who work exclusively online on projects born independent
of traditional media. They share many of the practices of an older generation
of reporters, but their work draws from the decentralized and agile practices of
the digital world.
As we've reported before, there's strong evidence that forces with widespread access to Iran's internet infrastructure have been engaged in large-scale surveillance of https traffic in July and August, certainly of Google traffic, and perhaps many more websites, including Facebook and Yahoo!
If you used the Internet in Iran during this period you should, at the very least, change your passwords, and log out, then log back into, any services you use.
A fuller explanation of what happened, and what to do about, written in Farsi, is available from Google's Persian Blog. "DigicomV" on YouTube has also posted some Farsi-language videos explaining the attack.
Thanks to Katrin at MobileActive for these links.
In August, Google introduced a new, if rather obscure, security feature to its Chrome web browser, designed to be triggered only under extreme circumstances.
If you were talking to Google's servers using the web's secure "https" protocol, your browser makes a number of checks to ensure that you are really talking to Google's servers. Like an overly obsessive bouncer, the new code double-checks the identity of any supposed Google site against a Chrome-only list of valid Google identities hardwired into the browser.
- Venezuela prepares law to regulate media, including the Internet.
- Iranian blogger Hossein Derakhshan briefly released from jail on $1.5 million bail...
- ...but fellow Iranian-Canadian anti-censorship software designer Saeed Malekpour still faces death penalty.
- Syrian telecom minister says awareness of the dangers, not censorship of the Internet is the solution.
- Egyptian blogger Karim Amer is finally free after four years in prison.
- Iran launches yet another police force to deal with the Internet, headquartered with the Revolutionary Guard. Its commander says the state plans to quadruple its Internet control budget.
- Google lobbies U.S. policymakers to consider online censorship a free trade issue.
- Is breaking into Yahoo e-mail too easy? The Sarah Palin hack revealed flaws in the webmail system's security that can still be exploited.
- Yet more malicious attacks on computers connected to the Nobel Peace Prize. As with CPJ and other groups, the Nobel Institute's director, Geir Lundestad, received a personalized, but fake e-mail containing malware.
- Saudi Arabia blocks Facebook over "moral concerns"--then immediately unblocks it, claiming an "error."
- CPJ protested the arrest of Bahrain blogger Ali Abdel Imam back in September -- The Wall Street Journal has a story on his continuing detainment.
- Activism around the imprisonment of Canadian-Iranian blogger Hossein Derakhshan continues: PEN Canada is focusing on his case and Canada and France's foreign ministers have urged his release.
- Local Thai ISPs are being called in by the government to help block the country's rapidly expanding website blacklist. The authorities want them to respond 24/7 to censorship requests.
- The Journal of Democracy has published Ron Deibert and Rafai Rohozinski's overview of the pros and cons of new technology in authoritarian societies. It's available here in PDF format.
- The New York Times has more info on US law enforcement's request to broaden its Internet interception powers.
- Jared Cohen, the US State Department's advocate for high-tech diplomacy, has moved to Google. Foreign Policy interviews him on his new job.
Subscribe
