New Research On Computer Backdoors Reveals Disturbing Long Term Risks For All Netizens

Nov 052012
 

Research by the University of Toronto Citizen Lab shows that computer back doors are a permanent security risk to users through out the world.

Their research based on events in the middle east demonstrates readily available commercial software is being used by governments to infiltrate computers used by critics and dissidents.

Bloomberg news reported the case of Ahmed Mansoor who was sitting in “his study in Dubai and made the mistake of clicking on a Microsoft Word attachment that arrived in an e-mail, labeled “very important” in Arabic, from a sender he thought he recognized.

“With that click, the pro-democracy activist unwittingly downloaded spyware that seized on a flaw in the Microsoft Corp. (MSFT) program to take over his computer and record every keystroke. The hackers infiltrated his digital life so deeply they still accessed his personal e-mail even after he changed his password.

Since then, Mansoor, 42, an electrical engineer and father of four, says he has suffered two beatings by thugs in September during his campaign for citizens’ civil rights in the Persian Gulf federation of the United Arab Emirates. While those assailants remain unknown, researchers say they’ve figured out what was behind the virtual assault.

Continue reading »

Burmese Comedian And Activist Sees Progress In Freedom of Speech And Regression In Ethnic Unrest

Jun 192012
 

Burmese comedian and film director Maung Thura better known by his professional name Zarganar highlights Burma’s progress on free speech, censorship and political detention at the same time he is pessimistic that those advances in democratic freedoms could be threatened by an upsurge in ethnic violence.

He wrote this commentary for Britain’s Guardian Newspaper.

As a comedian, poet, film-maker and loudmouth, I often fell foul of the censors in Burma, where I was a political prisoner four times. Sometimes it was through deliberate provocation, such as my insistence on trying to include kidnap scenes in all of my films, where at some point the good guys would exclaim “we must free that lady!”, a thinly veiled act of resistance which caught on in the industry and became obligatory for many film-makers during Aung San Suu Kyi’s imprisonment.

My most recent sentence was for 35 years, imposed for criticism of the Burmese government’s woeful response to Cyclone Nargis in 2008, and from which I was released last autumn as part of a mass amnesty. Yet I have also been imprisoned simply for using the internet. It might be interesting to learn that communications were policed by people who understood little about the technology they were patrolling. I don’t think it takes a comedian to see the funny side of police confiscating my computer screen, but leaving the hard drive. Freedom of expression has been rigorously denied for a long time, but Burma is very definitely changing and, in this new world, new challenges are presenting themselves.

Continue reading »

User Stupidity Still A Big Threat To Online Security

May 222012
 

User incompetence, absent mindedness, ignorance and sometimes just unbelievable stupidity are major hurdles to keeping safe online as was dramatically demonstrated in Columbia recently.

Two men went into an internet cafe, checked their Facebook pages and then decided to rob the store’s owner of cash and made off on a stolen motorbike. How were they caught? One of them forgot to log off.

It is easy to laugh at these people who committed a violent criminal act and got caught because they are knuckleheads.

Bbut how many of us do the same thing with out the attending criminality? I know I have left sensitive documents on hotel computers because I did not go through the process of deleting them thoroughly, I have left myself logged on on public computers while traveling overseas. So far I have been lucky but for netizens in China, Vietnam, Cambodia Burma and other areas of our audience such a mistake could lead to imprisonment or worse.

I am sure it is this sort of behavior that is the greatest source of security breaches not sophisticated and complex hacking scams, though they are also a concern.

But for those interested in more details of the social media tuned in robbers read on:

Continue reading »

Satelite Phones No Longer Safe From Interception

Feb 092012
 

Satelite phones long a standby of activists, human rights and aid workers stationed in hostile environments including China, Burma, and Cambodia  have been regarded as a secure means of communication but two researchers in Germany using basic technology took less than an hour to decrypt the European protocol for satelite phones.

The news is disturbing for those working in sensitive areas and particularly people whom rely on them to get news reports out of areas under heavy censorship or as a last resort in case of abduction or serious physical danger.

In a paper bluntly called “Don’t Trust Satellite Phones,” researchers Benedikt Driessen and Ralf Hund say they reverse-engineered the encryption algorithms used by the European Telecommunications Standards Institute.

Ezine Ars Technica which covers technology issues says the satellite telephones, had  until now been considered secure from eavesdropping. They are not, say two researchers who cracked the security used in some sat phone systems.

Continue reading »

New Report Shows Mixed Fortunes For Online Freedoms In the Asia Pacific Region In 2011

Jan 202012
 

Censorship and online controls eased in Burma (Myanmar), Thailand and several other Asian countries last year but there were major clampdowns in China and several south asian countries according to a report just released by media and democracy watch dog Freedom House.

The report cites the success of the Arab Spring in overthrowing governments in the middle east as having prompted the hardening attitudes in China. Leaders there were keen the movement did not replicate itself on their doorstep.

The full report can be read here: Freedom in the World 2012.

Meanwhile the entry for China is available at: Freedom House China 2012

Burma Follows Syria’s Example And Uses US Company’s Technology For Online Censorship

Nov 112011
 

Burma is reportedly using a  United States company’s technology for online censorship, it is the same company whose internet filtering servers were used by Syria to restrict online content.

MIT’s Technology Review says technology from the California company Blue Coat has been supplied to the repressive regimes. Blue Coat confirmed its technology was being used by Syria but that it had been purchased via third party and the company did not know it would be passed on.  

The report quotes findings released by the Citizen Lab, an Internet research center at the University of Toronto, are the latest evidence that commercial technology from the West—in this case from Blue Coat of Sunnyvale, California—is often used by repressive regimes, says Ron Deibert, the lab’s director, who posted the findings in a blog.

Continue reading »

Google Releases Raw Data On Internet Take-Down And Removal Requests In Move Towards Greater Transparency

Oct 152011
 

Google is releasing raw data about which countries have asked it to remove content or take down websites.

The data was gathered as part of its transparency report and the company is hoping that by making the data available in machine readable CSV format developers and researchers will be able to use it as the basis for further investigation and analysis.

These requests include those from law enforcement agencies investigation online fraud and similar illegal activities but they also include requests that are politically motivated. Defining the latter requests is likely to be problematic. What maybe seen as political repression by people outside China and Burma may be seen as a maintaining social order by the authorities in those countries.

However that aside the availability of the raw data is likely to see some interesting and illuminating analysis once some of the technical issues are worked through.

Pictured below is an example from Google of the data release.

Egypt transparency report

Google has encouraged developers to use the raw data from its Transparency Reports on takedown requests and web access to conduct new research. Image credit: Google

UK online tech ezine ZD NET  said the company launched its Transparency Report around a year ago, in an effort to be explicit about the levels of content removal and user data requests it must process. During that time, the dashboard has been useful in showing, for example, how many scam ads Google has taken down, or which services are blocked or allowed in certain countries.

Continue reading »

Harvard Study On Censorship Circumvention Tools

Sep 122011
 

Harvards Berkman Center For Internet and Society has released a new study looking at internet circumvention tools and their use.

This builds on previous work they did in 2007 and brings up to date the technology and new methods in use.

This excellent document is available in PDF format here.

It is a concise and interesting summary of the how various tools work in the field, their success and their practicality. Anyone working in this area particularly in China, Vietnam, Burma and other regimes that routinely block websites and limit online access to information will find the study a worth reading because it gives a longer term look at circumvention rather than a snap shot.

The report’s introductions notes: “This evaluation also differs from our earlier work (2007 Circumvention Landscape Report; 2010 Circumvention Tool Usage) in that we cover significantly more tools and examine two classes of tools (ad-supported proxy servers and VPN services) which we did not review previously.

Continue reading »

Has Your Phone Been Hacked? Some Signs It Has And What To Do About It

Aug 082011
 

Hacking into mobile phones is widespread using readily available software.

Those who embark on such activities range from parents trying to keep track of the children through to repressive regimes, China, Burm and  Vietnam among some of the more active, who are trying to censor the information their citizens have access to at the same time keep watch on any indications of movements that threaten their hold on power.

I have posted a number of blogs about dealing with such technology and how to avoid getting hacked but how do you tell if it has already happened.

Ezine Entrenpeneurs News has a useful guide to signs that your phone may have been hacked. Signs you can look for to find out if your phone has been hacked, where you can go to really find out if you have been hacked, and even give you a resource some people are using to hack smart phones.

Continue reading »

Hints, Tips and Guidelines For Keeping Secure on Social Network Sites

Jul 282011
 

The Arab Spring in Egypt and Tunis spread rapidly via social media. Regimes in countries like China and Burma kept a wary eye on how these events played out in no small part because of concern the same mechanism could be used against themselves.

It is no secret authorities in China, Burma, Iran and the like  monitor social media along with other more intrusive and clandestine surveillance methods to crush opposition and maintain their grip on power.

So it is important to know how to keep yourself and your friends safe while using social media particularly if you are living under a regime that is not backwards about brutally repressing any hint of dissent.

One of the problems of searching for security information online is that a number of so called security websites are themselves a source of malware, viruses and spyware. It is important to only take information from trusted websites and one of the best is the U.S. Department of Homeland Security Computer Emergency Readiness Team.

Generally speaking a website put up by a state agency in a country with a strong “rule of law” and a history of open access to information will be safe.

In the interests of disclosure it should be declared that while RFAunplugged is funded by the U.S. Government editorially it is completely independent and any mention of a similarly funded agency or government department is based soley on its relevance to the topic at hand. As can be seen in previous blogs RFAuplugged does not “kowtow” to any government even the one that pays the bills.

With that said I can definately point readers to DHS-CERT’s website  which has an excellent easy to follow guide on social media with some very useful resources as set out below.

Continue reading »

 Older Entries