A World Without Liu Xiaobo

Liu Xiaobo died of cancer last week.  A veteran of the 1989 Tiananmen Square protests, and one of the authors of the Charter 08 manifesto advocating for democratic reform, Liu was China’s first Nobel Peace Prize winner.

In spite of Liu’s advocacy for non-violent change, Chinese authorities sentenced Liu in 2009 to eleven years’ imprisonment for “inciting subversion of state power.”

Last month, Chinese authorities acknowledged Liu had contracted cancer.  Liu made an appeal to leave the country to receive outside medical treatment, an appeal that was backed by numerous governments, international organizations, and NGOs.  Apparently concerned that Liu would speak out against the regime, Chinese authorities denied the request.  On July 13, 2017 Liu Xiaobo succumbed to cancer.

The passing of Liu Xiaobo is a very sensitive event for the Chinese Communist Party.  The 1989 Tiananmen Square protests grew out of the mourning of the death of another person advocating for greater government transparency and reform, Hu Yaobang.

Concerned that martyrdom around Liu may spur similar collective action, as well as being concerned about saving face, the kneejerk reaction of China’s authorities is to quash all public discussion of Liu, which in today’s world translates into censorship on social media.

In our latest report, entitled “Remembering Liu Xiaobo: Analyzing censorship of the death of Liu Xiaobo on WeChat and Weibo,” we document the full extent of China’s heavy hand.

Our experiments show that the scope of censorship of keywords, images, and search terms related to Liu Xiaobo on two of China’s most popular social media platforms, WeChat and Weibo, has greatly increased since his passing.

Prior to his death, Liu’s name, in combination with a selection of other keywords perhaps related to his illness or political rights, might trigger censorship.  Afterwards, we found that simply including his name alone was enough to trigger blocking of messages.

We also found that images related to Liu, such as those commemorating his passing, were blocked on WeChat after his death, including images shared in one-to-one chats — the first time we have observed that phenomenon.

As with our prior WeChat research, we confirmed that the censorship is undertaken without any notification to the users, and only applies to users with accounts registered to mainland China phone numbers.  For example, we show that images of Liu posted to an international user’s WeChat feed was visible to other users abroad, but hidden from users with Chinese accounts.

For Weibo, we analyzed search term blocking and confirmed that the platform maintains a blanket ban on searches for Liu Xiaobo’s name. Indeed, searching just his given name, “Xiaobo”, is enough to trigger censorship in English and both Simplified and Traditional Chinese

Freedom of speech is the antithesis to one-party rule.  Dictators throughout history have forced embarrassing truths into the shadows, typically by imprisoning those who speak it, and have scrubbed dissidents from history books, photographs, and other mass media.

The social media censorship we document in our latest report is but the latest manifestation of this authoritarian tendency, and underscores why careful evidence-based research is so essential to the progress of human rights.

Read the full report here: https://citizenlab.ca/2017/07/analyzing-censorship-of-the-death-of-liu-xiaobo-on-wechat-and-weibo/

The New York Times: https://www.nytimes.com/2017/07/17/world/asia/liu-xiaobo-censor.html

Global Voices: https://globalvoices.org/2017/07/17/censorship-after-death-chinese-netizens-quietly-mourn-nobel-laureate-liu-xiaobo/

More Than Meets the Eye

Every day we hear warnings not to open attachments, click on links, or enter our credentials into websites that do not look trustworthy.  But what if they do look legit?  How do we tell?

Our latest report shows not only the lengths to which an espionage operation will go to fool users, but it also provides a good example of how difficult it may be for the average user to discern one from the other.

Authored by the Citizen Lab’s Jakub Dalek, Geoffrey Alexander, Masashi Crete-Nishihata, and Matt Brooks, our report, entitled “Insider Information: An intrusion campaign targeting Chinese language news sites,” details a campaign of reconnaissance, phishing, and targeted malware at the heart of which are carefully-crafted mimics of several prominent Chinese-language news websites.

Our investigation began when staff members of China Digital Times — a popular China-focused news portal founded by UC-Berkeley professor and prominent human rights activist Xiao Qiang — began receiving unsolicited emails with promises of controversial material.  The emails contained a link to what appears to be the legit China Digital Times website. However, it is not.  The operators behind this campaign had copied the entire website and then hosted it on a slightly altered domain.  Instead of “chinadigitaltimes.net” the operators used the domain “chinadagitaltimes.net.”

Can you spot the difference?  

If you noticed the substitution of “a” for “i” in the word digital, you are correct!

Other than the misspelled domain, the legitimate and fake news websites are identical, with one additional key difference: the operators also coded a few lines of javascript into the fake news domain that trigger a popup window asking the visitor to enter in their email and password into a fake WordPress login page.  Had the targets done so, they would have then been redirected back to the legitimate China Digital Times website, oblivious to the fact that their credentials to administer the website were successfully stolen by the operators, allowing them to effectively manage and edit the legitimate website itself.

By analyzing the server used to host the fake website, Citizen Lab researchers were also able to identify several other fake websites that used content from Chinese language news websites that the operators had also mimicked, presumably for phishing.  We also found that some of the servers controlled by the operators were used to stage malware.

It is noteworthy that all of the fake websites our researchers discovered in this campaign are meant to mimic news websites that publish content critical of the Chinese government.  It is possible the operators behind this campaign are “hackers for hire” — typical of the way in which a lot of cyber espionage is outsourced in China.  However, we are unable to positively attribute this campaign to a specific state agency.

I expect we will see more cases such as these in which legitimate news sites are doctored and manipulated to push disinformation or facilitate cyber espionage.  With each of us bombarded with data from social media on a daily basis, discerning “fake” from “real” or “malicious” from “benign” will become more ever more challenging and time-consuming. Cases such as these illustrate the importance of educating users, especially those working in high-risk areas such as investigative journalism, about the importance of integrating information security and digital hygiene into their daily routines.

One final note in this regard: hats go off to China Digital Times staff not only for spotting the malicious emails but also for sharing them with Citizen Lab for further analysis, which led to the discovery of the wider campaign.  Cooperation of this sort is essential for research to progress, and for journalists and the entire human rights community to be aware of the type of threats they mutually face.

We Chat (But Not about Everything)

Imagine if your favourite social media application silently censored your posts, but gave you no information about what topics are censored.

Imagine if everything seemed fine as you posted message after message and image after image, for days on end with no issues, but then occasionally one of your posts would simply not appear without explanation.

And what if the messages or images you are prevented from posting sometimes seem connected with a controversial political issue, but other times not?  Perhaps it’s deliberate, you might guess. Perhaps it’s just you and your bad Internet connection?  Who can say for sure?

Unfortunately this Kafka-esque situation is the reality for well over a billion users of WeChat and Sina Weibo, two of China’s largest social media applications and among the largest in the world.

Our new report provides detailed evidence from systematic experiments we have been performing on WeChat and Sina Weibo to uncover censorship on each of the applications.  As with prior reports on each of the applications, we are interested in enumerating censored topics — a difficult question to answer since neither of the companies is transparent about what they block.

For our latest research, we focused on censorship of discussions about the so-called “709 Crackdown.” This crackdown refers to the nationwide targeting by China’s police of nearly 250 human rights lawyers, activists, as well as some of their staff and family, since July 9, 2015, when lawyers Wang Yu (王宇) and her husband Bao Longjun (包龙军) were forcibly “disappeared.”  The 709 Crackdown is considered one of the harshest systematic measures of repression on civil society undertaken by China since 1989, and is the subject of much ongoing international media and human rights discussion.  

Unfortunately, as our experiments show, a good portion of that discussion fails to reach Chinese users of WeChat and Weibo. Our research shows that certain combinations of keywords, when sent together in a text message, are censored. When sent alone, they are not.  So, for example, if one were to text 中国大陆 (Mainland China) or 王全璋的妻子 (Wang Quanzhang’s Wife) or 家属的打压 (Harassment on Relatives) individually, the messages would get through.  Sent together, however, the message would be censored.  The Citizen Lab’s Andrew Hilt’s has created a visualization showing these keyword combinations here: https://citizenlab.org/709crackdownviz

In addition to a large number of censored keyword combinations our tests unearthed, we also discovered 58 images related to the 709 Crackdown that were censored on WeChat Moments for accounts registered with a mainland China phone number. (For accounts registered with a non-mainland China phone number, on the other hand, the images and keyword combinations go through fine). This is the first time we have documented censorship of images on a social media platform, and we are continuing to investigate the exact mechanism by which it takes place.

The purpose of Citizen Lab’s research on applications like WeChat and Weibo is to better understand and bring transparency to restrictions such as these. We live in a world in which our choices and decisions are increasingly determined by algorithms buried in the applications we use.  What websites we visit, with whom we communicate, and what we say and do online are all increasingly determined by these code-based rules.  Whether those algorithms are fair or not, whether they respect human rights, whether they make mistakes or not, are all questions that can only be answered if the algorithms can be properly examined.

Unfortunately, many social media hide their algorithms, either for proprietary and financial reasons (they want to protect the “secret sauce” that earns them money) or for political reasons (their algorithms are used to enforce restrictions on speech and they don’t want their customers to know about it).  Our research aims to break through that obfuscation and bring such algorithms to account.

Generally speaking, the algorithms that drive social media censorship or surveillance can operate in one of two ways: either on the client side — meaning, inside the application on your device; or on the server side — meaning, inside one of the company’s computers that runs the service.  Typically, to investigate the former, we rip the application apart — “reverse engineer” it — and subject it to various tests to determine what the algorithm does beneath the surface.

For server-side rules, on the other hand, whatever censorship or surveillance is going on happens inside the company’s infrastructure, making it more challenging to interrogate the rules.  Both WeChat and Weibo perform censorship and surveillance on the server side, so we had to undertake detailed experiments using combinations of keywords and images drawn from news stories and fed into the applications systematically to zero in on what’s filtered.  You can read about these experiments in the full report here: https://citizenlab.org/2017/04/we-cant-chat-709-crackdown-discussions-blocked-on-weibo-and-wechat/

Our report serves as a reminder that for a large portion of the world, social media act as gatekeepers of what they can read, speak, and see. When they operate in a repressive environment like China, social media can end up surreptitiously preventing important political topics from being discussed.  Our finding that WeChat is now also systematically censoring images as well as text opens up the daunting prospect of multi-media censorship and surveillance on social media.

CNN China Spat with Google won’t affect relations with U.S.

Ron Deibert, director of the Citizen Lab at the University of Toronto’s Munk Centre, which studies the intersection of digital policy and human rights, said Google’s move didn’t come as a surprise.

“It’s become unsustainable for Google to operate in this environment,” he said. “They’ve made a decision that the risks are too great for them, so they’re going to pull out.”

From CNN Continue reading

Google, China, and the coming threat from cyberspace

Published in the Christian Science Monitor

By Ron Deibert and Rafal Rohozinski

Cyberspace attacks are set to increase. Here’s why – and here’s what we can do to stop them.

The recent cyberespionage attacks on Google and that company’s subsequent announcement that it would reconsider its search engine services in China gripped the world’s focus and set off a debate about China’s aggressive cybersecurity strategy.
Continue reading

NY Times Room For Debate – Can Google Beat China

More Than a Tech Problem

For years, innovative solutions to sidestep Internet filters have plagued Internet censors. Rebellious kids, hoping to sneak a peek around parental controls, have come up with some of the best of these ideas. Others are highly sophisticated open-source systems tended to by brainy PhD.’s and caffeine-fueled programmers.
Continue reading

Google, China and a wake-up call to protect the Net (Globe and Mail comment)

By Ron Deibert and Rafal Rohozinski

 

Action is needed at the global level to ensure that cyberspace doesn’t slip into a new dark age

Google’s announcement that it had been hit by cyberattacks from China and that it’s reconsidering its services in that country has smacked the world like a thunderclap: Why the drastic move? How will China respond? Will other companies with interests in China, such as Microsoft and Yahoo, follow suit? What does it mean for the future of cyberspace?
Continue reading

Some Facts about the Incident at the IGF Egypt

1. We were told that the banner had to be removed because of the reference to China. This was repeated on several occasions, in front of about two dozen witnesses and officials, including the UN Special Rapporteur For Human Rights, who asked that I send in a formal letter of complaint.

2. Earlier, the same officials asked us to stop circulating a small invite to the event because it contained a mention of Tibet. They even underlined it in showing it to me. Because the event was just about to start, we said that we would not be distributing any more of these invitations so it was a moot point.

3. We asked repeatedly to see any rules or regulations governing this act. They did not give us any, only referring to the “objections of a member state.”

4. There were in fact many posters and banners in many of the rooms that I attended, including others in our own. The video itself shows us, at one point, taking one of the other posters we have and offering to cover up the original one. They objected to that and told us this banner must be removed.

On another matter of clarification:

The UN officials did not throw the banner on the ground. They asked us to remove it and one of our staff placed it on the ground for us to consider what to do. That’s where we had the discussion. When we refused to remove it, their security guards bundled it up and took it away.

ONI Bulletin on China’s Green Dam Filtering Software

The OpenNet Initiative has released a bulletin entitled “China’s Green Dam: The Implications of Government Control Encroaching on the Home PC.” You can read more about it here.

Executive Summary

A recent directive by the Chinese government requires the installation of a specific filtering software product, Green Dam, with the publicly stated intent of protecting children from harmful Internet content. The proposed implementation of software as reviewed in this report would in fact have an influence that extends beyond helping parents protect their children from age inappropriate material; the filtering options include blocking of political and religious content normally associated with the Great Firewall of China, China’s sophisticated national-level filtering system. If implemented as proposed, the effect would be to increase the reach of Internet censorship to the edges of the network, adding a new and powerful control mechanism to the existing filtering system.

As a policy decision, mandating the installation of a specific software product is both unprecedented and poorly conceived. In this specific instance, the mistake is compounded by requiring the use of a substandard software product that interferes with the performance of personal computers in an unpredictable way, killing browsers and applications without warning while opening up users to numerous serious security vulnerabilities. The level of parental control over the software is poor such that this software does not well serve parents that wish to the limit exposure of their children to Internet content.

The mandate requiring the installation of a specific product serves no useful purpose apart from extending the reach of government authorities. Given the resulting poor quality of the product, the large negative security and stability effects on the Chinese computing infrastructure and the intense backlash against the product mandate, the mandate may result in less government control.