When a bug fix can save a journalist’s life

One of the most exciting aspects of working on Internet technologies is how quickly the tools you build can spread to millions of users worldwide. It’s a heady experience, one that has occurred time and again here in Silicon Valley. But there’s also responsibility that attaches to that excitement. For every hundred thousand cases in which a tool improves someone’s day, there is another case in which it’s used in a life-or-death situation. And for online journalists working on high-risk material, or in high-risk places, that life may be their own or that of a source. That’s why CPJ, together with Alexey Tikhonov from Kazakhstan’s Respublika, Esra’a al-Shafei from the pan-Arab forum MidEast Youth, and activist Rami Nakhle from Syria, spent this week visiting and meeting with technologists, entrepreneurs, and thinkers in Silicon Valley.

Nakhle has been one of the primary online gatherers of news and footage from Syria, a country that since its prohibition on foreign journalists has been under an effective information blackout. After repeated threats against his life, he now lives in exile. Tikhonov helps maintain the online visibility of a Kazakh opposition news outlet that is prohibited in its own country, one whose offices were firebombed in 2002 and that even now is under constant online attack in exile. With an international network of volunteers, Al-Shafei built the collaborative platforms MidEast Youth with MidEast Tunes and the global citizen journalist project CrowdVoice, to provide a free, uncensored platform in regions still struggling against local censorship and stringent media controls. Joining us was entrepreneur Isaac Mao, who provided valuable insight from more than a decade of analyzing China’s Internet policies, and technologists Jacob Appelbaum and J. Alex Halderman, who provided background on new developments in privacy-protection and censorship circumvention.

More on this issue
Mexico murder may be social media watershed

Thanks to the assistance of the Thiel Foundation, we spent the last few days meeting with companies and key individuals in Silicon Valley. Tikhonov talked to engineers about how his site has experienced repeated denial-of-service attacks despite the careful defenses it has built, and how the attacks have been spreading to other, general-purpose online forums such as LiveJournal. Al-Shafei explained how a distributed, volunteer-driven Internet organization seeks to defend itself when its voices challenge not just groups in one country, but many. Nakhle walked security experts through the daily experiences of online Syrians, who find themselves caught on the cutting edge of online intimidation.

Many of Silicon Valley’s most influential innovators, entrepreneurs, and thinkers took time to meet with us. All of the experts were engaged by the challenge of fixing the problems our guests faced. It was clear that the rise of criminal, and tacitly state-supported, online attacks isn’t just a problem for journalists–it’s increasingly a concern to those who maintain the Internet itself.

But it is one thing to read about such attacks in technical white papers and bug reports. It’s quite another to hear of the effects firsthand. Our audience took notice when Al-Shafei’s gave disturbing evidence of cooperation between states in silencing Kurdish voices online. Tikhonov told tales of Russian authorities quietly intervening when the sheer volume of denial-of-service attacks on the exile web servers of Respublika began to affect the backbone of the local Russian Internet. Nakhle’s statistics were chilling–dozens of people interrogated in Syria simply over their Facebook accounts; 17 colleagues imprisoned or missing.

Fighting off these attacks is an enormous challenge–one that will require much more cooperation between the journalists at the edge of the Internet and the technologists at its heart. But the rewards are just as powerful.

As Nakhle said to a room crowded with those who built and maintain the modern Internet: “People I know lost their lives or were tortured for months as a result of security bugs. I am not saying this to blame you because they know the risks they are taking and they’re brave enough to take risks. If you really can help them here with just a small investment in their security, you may save many people’s lives. You may not know about them, because you can’t follow everything that is happening online, but it is happening. A tiny bug fix on any platform, it will absolutely save people’s lives. It is one of the noblest things you can do.”