Distributed Security as Cyber Strategy

I wrote a paper for the Canadian Defence & Foreign Affairs Institute titled Distributed Security as Cyber Strategy: Outlining a Comprehensive Approach for Canada in Cyberspace.

Canada recently issued a strategy for cyber security.  I argue that the policy is thin on both commitments and specifics and left many issues unaddressed. The first part of my paper explores “the landscape of cyber security on a global level to give a ‘bird’s eye’ view of the scope of the issues in global cyberspace security and governance”, while the second part lays out some recommendations for “a comprehensive approach to Canadian cyber security following a ‘distributed security’ model that is inspired and derived from liberal democratic and traditional republican security traditions and thought.”

Read the paper [pdf].

RSA Conference on Active Defense

I will take part in RSA Conference’s Special Forum on the Future of Cyber Security and Active Defense with fellow panelists Jim Dempsey, Vice President for Public Policy, Center for Democracy and Technology; Lt. Gen. (Ret) Kenneth Minihan, Managing Director, Paladin; and General Michael Hayden, Principal, Chertoff Group. Jim Lewis, Program Director, Center for Strategic and International Studies, will be moderating. We’ll be discussing “active or dynamic defense”, an approach to proactively deal with cyber attacks.

Click here for more information.

Canadian Connection report and coverage

It has been a busy week, with the release of our report – The Canadian Connection: An investigation of Syrian government and Hezbullah web hosting in Canada.  The report covers a very delicate issue.  We were very concerned about the findings as we came across them, and saw this as a case that could generate some much needed discussion about the proper limits around intermediary liability and how to deal with cases properly where there is an organization/entity whose services are being hosted in violation of sanctions.  Furthermore, since Canada has sanctioned Addounia TV, as did the EU, for incitement of violence in Syria, we felt that it was important to bring the case to public attention.

(We probably could have picked a different title, as there is as much relevance to the United States as there is Canada, but it started out for us as a Canadian story, and so we kept the working title.)

The report was initially covered by the Globe and Mail, and then by CBC News, The Associated Press, and The Washington Post (among others).  I did an interview with CBC’s Matt Galloway on Metro Morning.

The Citizen Lab is continuing our research on this file.

 

Behind Blue Coat: Investigations of Commercial Filtering in Syria and Burma

There is growing concern about the use of commercial filtering and surveillance technology in countries that regularly restrict Internet content and violate human rights. Considerable attention has been focused in recent weeks on Syria, particularly following the Syrian regime’s violent crackdown against the 2011 uprising. Numerous reports have documented the use of technology produced by U.S.-based Blue Coat Systems in Syria to filter Internet content. Despite initially denying the presence of their devices in the country, company representatives eventually acknowledged that 13 of their devices were being used in Syria. This recognition has raised a number of questions about the use of U.S.-produced filtering technology in a country under strict U.S. trade sanction.

Behind Blue Coat: Investigations of commercial filtering in Syria and Burma documents Citizen Lab research into the use of Blue Coat technology in countries under the rule of authoritarian regimes. This research identifies additional devices in use in Syria and describes attempts to obfuscate the use of these devices.

The report also documents the use of Blue Coat devices in Burma. Evidence indicates that these devices are actively in use in Burma and are being used to filter Internet content and facilitate surveillance. Given that Burma, like Syria, is also under strict U.S. trade sanction, the use of technology developed by a U.S. firm to restrict free expression and facilitate surveillance is troubling.

The Citizen Lab calls on Blue Coat to investigate these claims and take action to prevent the further use of its technology in Syria and Burma.

New Canada Centre / Citizen Lab Report: “Casting A Wider Net”

The Canada Centre for Global Security Studies and the Citizen Lab at University of Toronto’s Munk School of Global Affairs, have released a detailed report that tracks and analyzes the difficulties of broadcasting the news into jurisdictions that censor the Internet, including Iran and China. The report, entitled Casting a Wider Net: Lessons Learned in Delivering BBC Content on the Censored Internet reports on a series of real-world tests to deliver access to BBC websites into Iran and China, where they are regularly blocked by authorities. The research combines data from three major sources: two years’ worth of traffic data from the BBC’s web content services, in-field testing of Iranian and Chinese Internet censorship undertaken by the OpenNet Initiative (ONI), and service delivery of Psiphon Inc, a Canadian “circumvention” service that delivers uncensored connections to the web for citizens living behind national firewalls.

Casting a Wider Net sheds a bright spotlight on what is typically a shadow game: the race among government censors to block content, and those determined to sidestep those efforts. China and Iran are among the world’s most pervasive filters of Internet content, and present a special challenge to global media broadcasters who are often targeted by governments for blocking. BBC’s Mandarin and Farsi services are normally subject to intense blocking efforts by both countries.

From 2009 to 2011, the BBC worked with Psiphon in a series of trials designed to test how readily content could overcome Chinese and Iranian blocking efforts, using a range of delivery methods, including social networking sites like Twitter, traditional radio broadcasts, and special email lists.

Working over several months with access to the results of the BBC’s and Psiphon’s trial data, the University of Toronto’s research team, led by the Canada Centre’s Visiting Fellow in Global Media, Karl Kathuria, experimented with several controlled propagation methods while simultaneously directing tests undertaken by ONI researchers inside China and Iran to verify blocking. The result is an unprecedented and detailed peek into the “cat and mouse game” of Internet censorship evasion: what works, what doesn’t, and why?

I explain the motivation for the research in the report’s foreword: “As global news moves online, and content becomes subject to increasingly tight restrictions in numerous national jurisdictions, the challenges of delivering content to target audiences are becoming increasingly complex. To succeed internationally, broadcasters will need to develop a comprehensive strategy to navigate this new media terrain carefully.”

“Casting a Wider Net shows that bypassing Internet censorship to deliver news content in restrictive communications environments involves far more than just supplying circumvention tools. Broadcasters need to devise a strategy for distributing content over the Internet with an understanding of the different challenges they will face in each of the target countries they are trying to reach.”

The full report can be downloaded freely at http://uoft.me/casting.

Access Contested: Security, Identity and Resistance in Asian Cyberspace

In December 2011, we will celebrate the launch of Access Contested: Security, Identity, and Resistance in Asian Cyberspace, which is the third volume from the OpenNet Initiative.

Edited by Ron Deibert, John G. Palfrey, Rafal Rohozinski and Jonathan Zittrain, Access Contested examines the interplay of national security, social and ethnic identity, and resistance in Asian cyberspace, offering in-depth accounts of national struggles against Internet controls as well as updated country reports by ONI researchers.

Access Contested is available for pre-order at MIT Press.

Asian Cyberspace on the Rise: Challenges and Opportunities for Canada

In wrote an article for the Asia Pacific Foundation of Canada about the rise of Asia’s cyberspace. ” The piece  examines “how countries are responding to the challenges and opportunities of growing innovation in the region…and outlines the limited role Canada can play in shaping developments of cyberspace governance and security in Asia which will have far reaching implications in the future.”

Read the full article here [pdf].