The program provides an overview of the Lab, our research on information warfare, Nart Villeneuve’s Skype report, the OpeNet Initiative, and our psiphon circumvention software project.
…”What we’re trying to do with psiphon is build a technology that supports that original notion of innovation that drove the Internet,” explains Lab Director Ronald Deibert.
“[T]he guarantee of uninterrupted access to free information” is what is at stake, says Professor Deibert, whose background and training as a political scientist – not a computer scientist – shows through clearly.
The Citizen Lab started in 2001, as a research and development centre for “politically-motivated hacktivists.” Among other activities, it operates the Open Net Initiative, collaborating with organizations around the world on matters of online access, cyber security and Internet censorship.
Read more here.
I recently did a radio interview with Radio Canada International&’s “MASALA CANADA with Wojtek Gwiazda.” Wojtek sent me an MP3 of the interview, which can be accessed here.
In the interview, we discuss the Citizen Lab, the OpenNet Initiative, and the ONI Asia project, supported by IDRC Canada.
Radio Canada International’s Masala Canada show can be accessed here.
Radio Canada’s “Une heure sur terre” did a very nice profile piece on the Citizen Lab recently. Here is a link to a stream of the program. Included are discussions about our research on the Russia-Georgia Cyberwar, Nart Villeneuve’s Skype Report and Psiphon.
I am scheduled to appear on TVO Big Ideas this weekend; details below.
TVO: Saturday and Sunday November 22 and 23, 2008, 4 PM
Repeats Saturday and Sunday at 5 am.
RON DEIBERT
In this lecture, political science professor Ron Deibert looks at the issue of internet censorship and surveillance around the world and the tools being created (like “psiphon”) to empower global citizens to freely share and access information online. Deibert is Director of The Citizen Lab at the Munk Centre for International Studies.
The video can be viewed here:
You can listen to and watch the interview here.
You can also download the MP3 of the interview here.
The video of the interview is here:
Digital Wish List: Ron Deibert from CBC Radio: Spark on Vimeo.
What is the greatest challenge currently facing Citizen Lab and what are you doing about it?
More here
“Hacktivists” Update Their Mission
By Kim Hart
Washington Post Staff Writer
TORONTO — Here in the Citizen Lab at the University of Toronto, a new breed of hackers is conducting digital espionage.
They are among a growing number of investigators who monitor how traffic is routed through countries, where Web sites are blocked and why it’s all happening. Now they are turning their scrutiny to a new weapon of international warfare: cyber attacks.
Tracking wars isn’t what many of the researchers, who call themselves “hacktivists,” set out to do. Many began intending to help residents in countries that censor online content. But as the Internet has evolved, so has their mission.
Ronald J. Deibert, director of the Citizen Lab, calls the organization a “global civil society counterintelligence agency” and refers to the lab as the “NSA of operations.”
Their efforts have ramped up in the past year as researchers gather evidence that Internet assaults are playing a larger role in military strategy and political struggles. Even before Georgia and Russia entered a ground war earlier this month, Citizen Lab’s researchers noticed sporadic attacks aimed at several Georgian Web sites. Such attacks are especially threatening to countries that increasingly link critical activities such as banking and transportation to the Internet.
Once the fighting began, massive raids on Georgia’s Internet infrastructure were deployed using techniques similar to those used by Russian criminal organizations. Then, attacks seemed to come from individuals who found online instructions for launching their own assaults, shutting down much of Georgia’s communication system.
Two weeks later, researchers are still trying to trace the origins of the attacks. “These attacks in effect had the same effect that a military attack would have,” said Rafal Rohozinski, who co-founded the Information Warfare Monitor, which tracks cyber attacks, with Citizen Lab in 2003. “That suddenly means that in cyberspace anyone can build an A-bomb.”
The cyber attacks that disabled many Georgian and Russian Web sites earlier this month marked the first time such an assault coincided with physical fighting. And the digital battlefield will likely become a permanent front in modern warfare, Deibert said.
Seven years ago, Deibert opened the Citizen Lab using grant money from the Ford Foundation. Soon after, he and Rohozinski helped begin the OpenNet Initiative, a collaboration with Harvard’s Law School, Cambridge and Oxford universities that tracks patterns of Internet censorship in countries that use filters, such as China. The project received an additional $3 million from the MacArthur Foundation. Deibert and Rohozinski also launched the Information Warfare Monitor to investigate how the Internet is used by state military and political operations. And Citizen Lab researchers have created a software tool called Psiphon that helps users bypass Internet filters.
The combined projects have about 100 researchers in more than 70 countries mapping Web traffic and testing access to thousands of sites.
A number of companies specialize in cyber security, and several nonprofit organizations have formed cyber-surveillance projects to keep international vigil over the Web. Shadowserver.org, for example, is a group of 10 volunteer researchers who post their findings about cyber attacks online.
The small Toronto office of Citizen Lab, tucked in a basement of the university’s Munk Centre for International Studies, serves as the technological backbone for the operations. World maps and newspaper clips cover the walls. Researchers move between multiple computer screens, studying lists of codes with results from field tests in Uzbekistan, Cambodia, Iran and Venezuela, to name a few.
“We rely on local experts to help us find out why a particular site is being blocked,” Deibert said. It could be a problem with the Internet service provider, a temporary connection glitch or a downed server. “But what’s more effective is blasting a site into oblivion when it is strategically important. It’s becoming a real arms race.”
He’s referring to “denial of service” attacks, in which hundreds of computers in a network, or “botnets,” simultaneously bombard a Web site with millions of requests, overwhelming and crashing the server. In Georgia, such attacks were strong enough to knock key sources of news and information offline for days.
Georgian Internet service providers also limited access to Russian news media outlets, cutting off the only remaining updates about the war. On the night of Aug. 12 — the height of the fighting — “there was panic in Tbilisi brought about by a vacuum of information,” Rohozinski said.
Shadowserver saw the first denial of service attack against Georgia’s presidential Web site July 20. When the fighting began, Andre M. Di Mino, Shadowserver’s founder, counted at least six botnets launching attacks, but it was “difficult to tell if it was a grass-roots effort or one commissioned by the government.”
The organization detects between 30 and 50 denial of service attacks every day around the world, and Di Mino said they have become more sophisticated over the past two years.
“It really went from almost a kiddie type of thing to where it’s an organized enterprise,” he said. But he’s hesitant to label this month’s attacks as a form of cyberwar, although he expects networks to play an expanded role in political clashes.
Jose Nazario, a security researcher with Arbor Networks, said cyber attacks used to target a computer’s operating system. But he’s seen a “tremendous rise” in attacks on Web browsers, allowing attackers access to much more personal information, such as which sites a person visits frequently. An attacker then could learn which servers to target in order to disrupt communication.
It’s unclear who is behind the attacks, however. In some cases, the locations of botnet controllers can be traced, but it’s impossible to know whether an attacker is working on the behalf of another organization or government. “It’s going to take a year to figure this out,” Nazario said.
The data trail often goes cold when it crosses borders because there is little legal framework for such investigations. And many countries, along with the United Nations and other international bodies, are still weighing whether a cyber attack is an act of war.
“If a state brings down the Internet intentionally, another state could very well consider that a hostile act,” said Jonathan Zittrain, co-founder of Harvard’s Berkman Center for Internet Society, and a principal investigator for the OpenNet Initiative.
There are also strategic reasons not to disrupt networks in order to monitor the enemy’s conversations or to spread misinformation.
“That’s an amazing intelligence opportunity,” he said.
Using the Internet to control information can be more important than disrupting the networks when it comes to military strategy, Rohozinski said. In Georgia, for example, the lack of access to both Georgian and Russian sources of information kept citizens in the dark while the fighting continued.
“Sometimes the objective is not to knock out the infrastructure but to undermine the will of the people you’re fighting against,” he said. “It’s about the nuts and bolts, but it’s also about how perceptions can be shaped through what’s available and what’s not.”
© 2008 The Washington Post Company
LONDON, England (CNN) — Believe the conspiracy theories — out of sight and without your knowledge, governments truly are filtering what you see on the Internet.
The recent conflict between Georgia and Russia has highlighted many of the issues at play with Internet filtering, as its increasing use by governments raises serious doubts about the freedom of the Web.
Georgian authorities blocked most access to Russian news broadcasters and Web sites after the outbreak of the conflict, and both sides reported Web sites being blocked, removed or attacked as the situation unfolded.
According to one of CNN’s iReport.com contributors in Georgia, the situation has been very frightening for citizens.
Andro Kiknadze said an online forum he used to organize supporters appeared to have been taken down and he described a “cyber war” in which some Web sites appear to be blocked.
“Please, please help us. We are losing our treasure, our freedom. I am almost crying because I’m seeing my country is falling,” Kiknadze said.
So, what is Internet filtering, and why all the fuss?
Filtering simply means restricting access, blocking, or taking down Web sites.
Karin Karlekar, senior researcher at freedom promoter Freedom House, said there were several ways in which content could be ‘filtered’.
She told CNN governments could use purpose-built filtering technology, censor Web sites, filter search results — with the assistance of multinational corporations, and block applications and circumvention tools — to stop online applications like Facebook, YouTube or Voice over IPs that enable social networking.
And the use of these tactics appears to be quite widespread.
According to a 2007 report by the OpenNet Initiative, which surveyed more than 40 countries, almost two-thirds of the states involved were filtering content to some degree.
Ron Deibert, Director of the Citizen Lab at the Munk Centre for Internet Studies at the University of Toronto, said in the research, “States are applying ever more fine grained methods to limit and shape the information environment to which their citizens have access.”
“Some states block access to a wide swathe of content, while others tend to concentrate on one or two narrow baskets. South Korea, for example, tends to block access only to sites related to North Korea,” Deibert said.
Although countries such as Iran and China — home to the ‘Great Firewall of China’ — are obvious examples of where filtering is prevalent, other countries are also restricting content for varying reasons.
Dr Ian Brown, research fellow at the Oxford Internet Institute, said the Internet in some European countries, including the United Kingdom, was also filtered. However this was mostly to block child pornography and content which incited or glorified terrorism, he said.
Most democracies, and particularly those of the U.S. and India had unrestricted Internet, though more than 40 countries were known to filter content, he said.
And it’s not just governments involved in filtering. Search engine Google has been heavily criticized for working with the Chinese Government to block searches for material about Taiwan, Tibet, democracy and other sensitive issues on its Chinese portal. Do you think governments should filter and censor Internet sites?
With recent developments in Georgia and Internet restrictions during conflict in Estonia last year, there are concerns that filtering could be further utilized in future ‘cyber warfare’.
Brown believed filtering would be used more commonly in repressive states in the future. Although he didn’t have exact figures, Brown understood the Chinese military had more than 100,000 people employed to look at cyber warfare.
Co-founder of Harvard Law School’s Berkman Center for Internet and Society, Jonathan Zittrain, told CNN the tactic was very powerful.
“Filtering can help shape the message a country’s citizens see — including, as may have happened recently when Georgia filtered some Russian Web sites, for the purpose of preventing enemy propaganda from reaching one’s citizens.”
While Freedom House’s Karin Karlekar agreed that filtering was a strong aspect to cyber warfare, she said other trends were more concerning.
“Filtering isn’t the primary technological way that Internet freedom can be compromised. The kind of ‘cyber-warfare’ that we hear about usually isn’t filtering as much as ‘denial of service’ attacks that disable servers hosting particular Web sites, either of opposition media outlets or of foreign governments.
“Another type of ‘cyberwarfare’ that occurs more regularly is hacking into computers and stealing information, as well as planting Trojans or viruses,” Karlekar said.
So, if governments are stepping up their Internet filtering and the threat of cyber warfare is increasing, how can citizens sidestep the restrictions?
Zittrain told CNN tech-savvy citizens were already using a variety of tools to circumvent filtering.
“They range from the Electronic Frontier Foundation’s ‘Tor’ software, to commercial anonymizers and virtual private networks, and ‘buddy system’ software like Psiphon, which allows a person in one place to handle requests for Web sites from someone in a place that filters.”
In Iran, some citizens were overcoming Internet restrictions by using Freedom House’s Gozaar Web site.
Karin Karlekar said the site offered news and debates with a plurality of voices, and gave Iranians an opportunity to participate. The domain name was changed weekly to keep ahead of Iranian authorities, she said.
Zittrain, who is a founder of the OpenNet Initiative, which tracks Internet filtering around the world, said the organization was currently working on a free tool that will let people easily report blockages as they find them.
He believed such tools could in future help citizens in heavily restricted countries to bypass filters placed by their governments.
Two years ago the Citizen Lab released a program called Psiphon, which allows users in countries such as China and Iran to circumvent their governments’ Internet censorship. The free software uses computers outside the censoring country — known as proxies — to fetch web pages and send them back over encrypted connections. The technique is also used by a host of other tools, but Deibert says the goal was to make it as user-friendly as possible.
From the Canadian Press