The first quarter of 2015 has been turbulent in terms of digital security developments worldwide, with different governments taking stronger measures against a free and open Internet.
Riseup published an article about a Spanish police operation against anarchist activists, in which 11 of the arrested activists, seven were jailed pending trial. The reasons given by the judge for their continued detention included the possession of certain books, “the production of publications and forms of communication”, and the fact that the defendants “used emails with extreme security measures, such as the RISE UP server.”
In February, Russia announced that it intends to ban Tor, VPN’s and any service which provides access to anonymizing facilities, Belarusian authorities decide to already implement a prohibition of these services. ISP’s are obliged to check the blacklist which these services are added to daily and block services accordingly. Tor has a Belarusian user-base of between 6-8000 users. Blocking ToR however, is not a straightforward operation. The Russian-announced ban has been criticized by many as unworkable. But it seems likely that Belarus will adopt at least some of the same techniques that China has employed in recent years to limit or ban anonymised traffic. This method employed the establishment of a popular Tor exit node, and the use of known de-obfuscation techniques to unmask and subsequently block the IP addresses of identified nodes, effectively isolating the network. Since Tor specifically relies on non-local routing, the effect of such en masse node-blocking has proved to be very effective at a national level. More about this methods in this 2012 report.
Consequences of Sanctions
Another pressing case in 2015 was the consequence of US sanctions on Crimea; Google and other tech companies complied with orders to block the import and export of tech products and services, such as AdSense and AdWords. The move comes after Apple expanded its own implementations of sanctions, and Paypal added its name to the list as well. The consequence is that Crimea, a peninsula with less than 2 million residents, is effectively a pawn in a chess game between much bigger powers, the U.S. and Russia.
The ‘Great Cannon’
The most important development in 2015 so far was that China was intensifying its censorship activities tremendously. There was a crackdown of the use of VPN’s by the Chinese government, including the blocking of Avast.com, a free anti-virus and anti-spyware protection software. It is said that the block is linked to the site’s SecureLine VPN service. In addition, Chinese companies including Alibaba, Tencent, Baidu and Weibo deleted more than 60,000 accounts for being ‘misleading’ or for other violations. To stay updated about censorship in China, there is a great resource of non-profit newsroom: Propublica. They have used data from GreatFire to track blocked sites.
Which brings us to the huge DDoS attack on sites of the Chinese anti-censorship initiative GreatFire. China took control of millions of web browsers and used them to send a flood of traffic to GreatFire. Meanwhile, CitizenLab and other researchers have coined the term ‘GreatCannon’ for this method of attack, which they say can have more implications for the future.