Foreign Media Outlets Targeted in Chinese Malware Attack

Experts at InfoWar Monitor have discovered that journalists working for foreign media outlets in China, including Reuters, the Straits Times, Dow Jones, Agence France Presse, and Ansa, are the targets of a recent malware (malicious software) attack. Nart Villeneuve and Greg Walton suspect that the attack is connected with increased security around the Communist regime’s upcoming 60 year anniversary:

These attacks correlate with reports of increased security measures within China as a result of the 60th anniversary of the founding of the People’s Republic of China. These increased security measures have also been extended to the Internet, with providers of anti-censorship technology reporting increased levels of blocking that prevents people from accessing the web sites of foreign media and news organizations.

One of the key findings in the report is that the attack appears to have originated at a (possibly unsuspecting) university in Taiwan:

The IP addresses currently used by the malware are assigned to Taiwan. One of the servers is located at the National Central University of Taiwan, and is a server to which students and faculty connect to download anti-virus software. The second is an IP address assigned to the Taiwan Academic Network. These compromised servers present a severe security problem as the attackers may have substituted their malware for anti-virus software used by students, employees, and faculty at the National Central University.

It is difficult to prove the extent to which governments use malware and other computer attacks as a tool of foreign policy, but many experts have strong suspicions that, for example, Russia may be exploiting the criminal networks that exist around malware and computer crime in that country for political ends. (More malware comes from Russia, China and the US than anywhere else in the world according to Stopbadware.) For more details on the recent attack in China see the full report or check out this article in the Globe and Mail.

China Requires Use of ‘Blue Dam’ Surveillance Software

Global Voices Advocacy tells us that China’s latest attempt to control the Internet – ‘Blue Dam’ – became active on September 13, and the government is requiring ISPs to use the software or face punishment. Blue Dam is an ISP-level surveillance application that is, apparently, meant to solve many of the problems stemming from the failed launch of Green Dam, which the Chinese government initially insisted must be installed on all PCs sold in China, even those sold by foreign companies, and even though large chunks of the code were stolen from existing, patented software applications.

Carrying surveillance out at the ISP level follows the methodology China employs to filter blogs, as Rebecca MacKinnon (the go-to source on Chinese Internet issues) has shown, by forcing ISPs to do much of the dirty work of the censors. This is also not dissimilar from how Russia apparently monitors Internet activity. How effective any government will be at monitoring the work of millions of Internet users remains to be seen, but it is certainly a development free speech advocates are going to be concerned about, and could lead to another backlash by Chinese Internet users.

Micro-Blogging in China

During recent turmoil in Xinjiang, China again revealed the Chinese Communist Party’s (CCP) ability to stonewall Internet access regionally, and block sites such as Twitter nationally. However, with the growth of domestic copy-cat micro-blogging services such as Fanfou, TaoTao, Jiwai, Komoo, Zuosa, and Digu, China’s government may be losing its cat and mouse game with connected denizens. Broad proliferation of comparable micro-blogging services is making central control harder to manage. For example, despite recent turmoil in Western China, according to the Berkman Center’s Herdict Project, all of the above sites are still accessible except for Fanfou.com, which recently went down for “server maintenance.” Although Fanfou was supposed to come back online on June 6, it is still suspiciously inaccessible. Protracted unavailability of Fanfou points to possible CCP involvement to stifle destabilizing conversation. However, most other domestic micro-blogging services –even Jiwai.de, Komoo.cn, Digu.com and Zuosa.com, which bear striking resemblance to Twitter– are still accessible in China. Perhaps user bases differ, and the CCP has shrewdly allowed for this less-threatening Internet persistence. More likely, however, is the fact that a plurality of diversely-hosted, yet similar, services is becoming tougher to patrol.

Another emerging form of domestic communication is Tencent’s Instant Messaging (IM) on QQ.com. No site in China enables greater horizontal web communication than QQ.com, now the 9th largest web property in the world. Founded by Pony Ma in 1998, Tencent –a Chinese-listed company earning $1.2 billion annually in revenue, 88 percent via the sale of “virtual goods” rather than online advertising– has over 570 million registered users of its IM service. In January Tencent launched an English version of the IM platform at IMQQ.com, and a 3G version that offers QQ chat, real-time news, and search engine accessible over mobile phone.

Many users in Western China, and across rural China, do not have email accounts. And many rural Chinese view and understand the Internet as Tencent, the platform on which they’ve grown up. In fact, as of March 2009 China had as many active Tencent QQ users as it officially had people online. Despite focus on access to Google and Twitter –observations of Tweet trends, and Google search engine query data patterns– undoubtedly most relevant in China is continued access to those domestic services of communication most widely used by Chinese citizens.

As advised last week by a Chinese colleague –“mail me at my university account. The government might shut down Google, but they never mess with my college email”– the CCP is selectively choosing what to patrol, because it can’t do it all. While the Western media predominately pay attention to the CCP denying access to Western sites and services, domestic entrepreneurship and a swelling offering of overlapping tools of communication are mitigating the effectiveness of the Internet muzzle. In line with Ethan Zuckerman’s Cute Cat Theory, Web 2.0 may have been created to share photos of adorable creatures, but new platforms for user-generated content are empowering digital activism in profound ways. For the CCP, perhaps it’s the “cute cat” that is now out of the bag.


China Fights to Tame Internet During Riots

China’s efforts to limit access to information about ethnic violence in the country, which has resulted in over 150 deaths, show that the Internet is more difficult than traditional media to control, but not impossible. The OpenNet Initiative reports that China has completely shut off access to the Internet in Xinjiang province and blocked access to Twitter throughout the country. The New York Times also reports that links about the riots have been deleted from Fanfou, the Chinese version of Twitter, as well as popular forums such as Mop and Tianya. The Times also argues that, similar to SMS during post-election violence in Kenya last year, the Internet may have helped mobilize rioters:

Internet social platforms and chat programs appeared to have unified Uighurs in anger over the way Chinese officials had handled the earlier brawl, which took place in late June thousands of miles away…photographs that appeared online after the battle showed people standing around a pile of corpses, leading many Uighurs to believe that the government was playing down the number of dead Uighurs. One Uighur student said the photographs began showing up on many Web sites about one week ago. Government censors repeatedly tried to delete them, but to no avail, he said.

‘Uighurs posted it again and again in order to let more people know the truth, because how painful is it that the government does bald-faced injustice to Uighur people?’ said the student, who spoke on the condition of anonymity for fear of retribution from the government.

A call for protests spread on Web sites and QQ, the most popular instant-messaging program in China, despite government efforts to block online discussion of the feud.

If history is any guide, the Chinese will likely ease their online restrictions when the riots end, but the cat and mouse game will continue. As Michael Wines argues:

Chinese experts clearly have studied the so-called color revolutions — in Georgia and Ukraine, and last month’s protests in Iran — for the ways that the Internet and mobile communication devices helped protesters organize and reach the outside world, and for ways that governments sought to counter them…As the Internet and other media raise new challenges to China’s version of the truth, China is finding new ways not just to suppress bad news at the source, but also to spin whatever unflattering tidbits escape its control.

In regards to the resources at China’s disposal, Jonathan Zittrain may have said it best, “Given that it’s a game of cat and mouse they could bring to bear a lot of cats if they had to.”

Circumvention in Iran and China

The Times has a front page article this morning (yes, I still read the hard copy) on circumvention in Iran and China, which highlights a lot of people and tools we’ve discussed on this blog before, including Tor and Psiphon. (You can learn about additional circumvention resources in our tools database.) The piece also mentions Rebecca MacKinnon’s research, which we wrote about here. Her full paper is also a must read (preview: private sector blog hosting services are doing a lot of the heavy lifting for China’s online censors).

You should also check out the recently released Berkman paper by Hal Roberts, Ethan Zuckerman and John Palfrey, where they share the results of the testing of various circumvention tools. The technology behind them all is basically the same (like a bank shot in basketball, as the Times piece says), and their testing found that not all tools work as well as one might assume. Of course, users need to make their own decision about what to use and their relative merits, so this paper is an important read. They found that Tor and Psiphon were two of the best at the time of testing. Finally, at a recent meeting of bloggers and activists from the Middle East, I was struck by how many people in countries with restrictions on free speech don’t use these advanced tools–and are often not even aware of them. Hopefully, the press coverage will help spread the word a bit further.

The Pentagon’s Plan To Hack The Hackers

Following up December’s CSIS report and in anticipation of the National Research Council report due out tomorrow, the New York Times has the skinny on cyber-warfare in the 21st century.

As Estonia learned the hard way, democracies (and their infrastructures) are increasingly the target of nationalist hackers, digital pirates, and government spooks (from China, Russia, the USA?). The alarming possibility that all these groups have or could be in cahoots is scaring the pants off the Pentagon, which is considering developing an alternate strategic command simply for cyber-related conflicts.

Up until now, most of the discussion has focused on defense, the so-called “fortress” method: secure and separate networks for critical infrastructure, virus protection and a cyber-czar to coordinate federal response. As this article illuminates, however, the Pentagon is preparing to bolster those defensive capabilities with offensive cyber-weapons. Hacking the hackers, the article suggests, is the newest form of deterrence.

But here, I think, the Cold War metaphor breaks down. Mutually assured destruction might be a functional way to deter a world war by superpowers, but will it really stop what amount to de-localized (possibly independent) digital guerrillas? There’s a certain asymmetry in favor of the hackers. You don’t have to enrich uranium in defiance of world opinion to hack Wall Street or the U.S. power grid.

In fact, you need to do surprisingly little. With millions of potentially anonymous actors, the problem is multiplied. As in the 1983 film War Games, no one knows whether you’re dealing with a real threat or just a clever punk in a Chinese basement. It’s a warzone as dangerous as it is hazy.

Internet Freedom Roundup

1. Oman, one of the world’s most closed societies, is prosecuting a Web forum moderator for allowing an anonymous post to go up criticizing a telecom company for corruption. I think Arab autocracies are going to come face to face with the explosion of internet speech sooner rather than later. Blogging (particularly anonymous) posting will continue, though aggressively prosecuting the fora where dissenting speech is found might set things back a bit.

2. For a comprehensive look at Chinese censorship and a chart of the security agencies which control the web, see this Digital East Asia article. As it turns out, even Chinese e-books have keyword filtering code buried in their JavaScript (Hat Tip: NetEffect). Add this to Skype, video sharing websites, WordPress, and so on… Between self-censorship and the Golden Shield, the crackdown on Chinese cyber-freedom is as terrifying as it is ubiquitous. I’m thinking aloud, but doesn’t it seem plausible that the oft-cited Pew poll which suggests the Chinese approve of censorship are results conditioned by fear of authority and a closed information world? From that grossly limited perspective, Tibetans and Falun Gongers may really seem like rabblerousing no-goodniks.

Morozov: The Internet No Democratic Cure

I’ve had some time to pore over Evgeny Morozov’s thoughtful and sobering piece on cyber-utopianism. He’s dead on in diagnosing Western academics and activists with quixotic belief in the Internet’s power to democratize. The web is no panacea for totalitarianism, Morozov warns, and to fervently hope otherwise is hopeful blindness.

In at least two respects, I agree with Morozov. First, simply increasing access to the internet has not taken down the world’s notorious human rights offenders. “Logistics,” as Morozov points out, “are not the only determinant of civic engagement.” The web may have amplified the efforts of democracy activists (in the Ukraine, Burma or China), but this fact has not necessarily swelled the ranks of freedom fighters.

Connected to this is a corollary point, and one which I previously discussed in connection to a paper Morozov wrote for the Open Society Institute. The Web contains as much distraction as dissidence; it’s a hall of mirrors, often a projection of active fantasy, not political activism. In the BR piece, Morozov nails this:

Once they get online unsupervised, do we expect Chinese Internet users, many of them young, to rush to download the latest report from Amnesty International or read up on Falun Gong on Wikipedia? Or will they opt for The Sopranos or the newest James Bond flick? Why assume that they will suddenly demand more political rights, rather than the Friends or Sex in the City lifestyles they observe on the Internet?

Returning to my first point, Chinese and Burmese cyber-dissidence has simply been met with heavier repression and authoritarian backlash. In direct proportion to the expansion of internet access, Chinese users have seen the creation of a behemoth Great Firewall, monitoring all traffic, even Skype conversations, for subversive keywords. Those bloggers and netizens caught red-handed are shut down or arrested — in chilling 1984-esque slang, they are “harmonized.”

In Burma, by contrast, the Saffron Revolution of Buddhist monks was defeated by a complete take down of the internet and brutal military repression, despite well publicized and shocking photographs from citizen journalists and bloggers. Indeed, one of the motivating questions in our study of the Saffron Revolution was why democratic reform did not materialize in Burma despite the pro-democratic catalyst of internet activists.

However warranted Morozov’s cyber-pessimism may be, there is some room for counter-argument. Cyber-utopians may falsely subscribe to technological determinism, but that doesn’t exclude the possibility that the web’s influence on democratic reform is subtle and slow, almost Burkean in quality.


From China With Love…?

There’s nothing sexier than a spy. Unless, of course, that spy is a faceless web spook stealing documents from the Dalai Lama. Hope all of you have already read this fascinating Times piece about GhostNet, the shadowy malware espionage project uncovered by those smart folks at the Munk Centre, affiliated with the University of Toronto. (Munk’s Citizen Lab also broke the story of China’s Skype monitoring, which I wrote about back in December.) GhostNet covertly spied on computers in over 103 countries, including a host of different computers affiliated with the Dalai Lama. Read the full report here.

Researchers traced the servers back to their physical locations, and as it turns out three of the four are in China. It’s hard not to feel, especially given the focus of Tibetan computers, that this wasn’t an inside job by People’s Liberation Army cyber-warriors. James Fallows, however, has made a persuasive case for skepticism.

Fallows’s chief point is that it is becoming increasingly difficult to distinguish state from non-state actors on the web. GhostNet might be in cahoots with the Chinese intelligence service, or it might be a band of patriotic hackers, or, God knows, the CIA. One does wonder though what patriotic Chinese hackers would do with sensitive Tibetan documents besides hand them over to Chinese authorities.

Regardless, the Web’s dense underbrush of anonymity empowers astro-turfers, spreaders of misinformation and, as we can now say with certainty, powerful hacker-spies (do they wear tuxedos and drink martinis too?) to prowl unnoticed. No fancy glass cutters or laser trippers needed. This includes dramatic digital cossacks, like the kids that nearly toppled Estonia’s government websites, and more pernicious and hidden efforts like GhostNet.

For all the powerful and positive changes the Internet heralds (and we have been eager prophets on this blog), there are coequal dangers posed by our greater inter-connection and -dependence. Not to go Luddite on you all, but remote access is always a blessing and a curse.

China “Harmonizes” YouTube

I was so preoccupied with work this week that I somehow missed that YOUTUBE IS NOW COMPLETELY DOWN IN CHINA. As yet, the take down has not been explained by any Chinese official, though as the WSJ put it:

The latest YouTube ban coincides with the March 20 release by the Tibetan Government-in-Exile of a video allegedly showing Chinese forces beating Tibetans during protests that occurred in March 2008.

From the perspective of authoritarian Chinese bureaucrats, perhaps it makes sense to grab this bull by the horns. The Tibet video would no doubt have gone viral like Tiananmen, and perhaps they’re still smoldering in humiliation over the alpaca meme. Best to “harmonize” all of YouTube instead. To the degree they’ve said anything, Chinese officials have denied there is a ban, also claiming that the video footage of Chinese police beating Tibetan protesters was fake.

I know China and the U.S. have a complex, if schizophrenic relationship, but if any other country had taken down YouTube to silence videos of police brutality (Burma, anyone?), wouldn’t the US be inclined to say something? How long can we sit on the fence, waiting for China to magically bloom into a regime which protects civil rights, if all we can come up with are muted expressions of concern? Good luck Chinese users and good luck to YouTube trying to compete against Chinese video sharing sites which eagerly self-censor and the strong arm of the Chinese censorship regime.
