Janet Haven

Burma's State Peace and Development Council is at it again. Mizzima, an online publication covering all things Burma, reported two days ago that users inside Burma are reporting blocked access to Google search and gmail. For those who follow the Burmese government's desire to control their citizens' information access, this is perhaps no surprise: the Open Net Initiative last year released a report on internet filtering in Burma that noted a significant filtering rate of sites hosting information on government opposition group, Burmese information, and email service providers. (Concerned for the nation's morality, the SPDC also blocks porn and gambling sites.) Also blocked were specific searches for filtering workarounds, like the one ONI tested on Google for "SMTP+POP3+tunnel".

Burma, of course, is not alone in filtering the internet (although the presence of a single state-run internet service provide makes it spectacularly easy, as well as filtering systems like those provided by Fortinet that the ONI reports the Burmese government started using last year.) China is regularly in the news as the Great Firewall cuts further and further into the online freedoms of Chinese internet users. Equally distrubing is the realization by smaller countries that what works for the giants could also work for them: Ethan Zuckerman recently wrote about Ethiopia's apparent blocking of a mainstream blogging service, and the subsequent yawning non-coverage in mainstream media over this watershed event. The problem, as he points out, is that it's really difficult to verify exactly what's going on in a repressive country, exactly what's being blocked, etc. Ethan gives a good description of the work ONI is doing, including the painstaking detail that needs to go into it in order to be accepted. Particularly when you have a few state-owned ISPs serving a country, blocking and unblocking sites is really quite easy; what you end up with a population that isn't going to trust gmail, yahoo, or hotmail as a reliable service. What this means is that they will tend to use local (reliable) email services, which are more easily monitored by the state.

Documenting internet filtering in repressive countries is crucial. Equally crucial is proactively educating these populations, particularly people involved in civil society who desparately need to get information in and out of repressive countries, on how internet filtering works, the risks they take in information gathering and distribution over the internet, and what simple tools and techniques are available to them to circumvent censorship. That's not a small order: most activists are passionate about their issues, not about technology. Many serious activists aren't part of the international NGO jet set: they don't speak English, and they need to receive training, tools, and handbooks in their own languages. Finally, the great majority of people who live in Burma, Ethiopia, Zimbabwe, China, Turkmenistan, Uzbekistan and so on can't travel outside their countries to learn these things, and trainings within are clearly dangerous for all involved. How to deal with all these issues is an ongoing puzzle, although quite a few smart people have started thinking about innovative ways to address these situations. Secure NGO in a Box, which I've written about here before, is one of those efforts to put localized information and tools into the hands of those who need it. Still missing is the training piece that needs to go hand-in-hand with the set of tools (although the Secure Box team has done a good job of writing a manual for beginners that is intended to be used alone), as well as an answer to the reaction time issue. In the game of cat and mouse that repressive governments play with internet filtering, civil society is so far always in the position of playing catch-up.

Posted by Janet at 08:24 AM | Permalink | Comments (102)

Back home here in Budapest, we have a semi-embarassing American ambassador: George Bush's cousin, George Walker. He's a nice enough guy, I've heard, even with a sense of humor. However, as the Prez's cousin, one wonders about his qualifications for the job**. Nevertheless, George (the Prez) seems to like him, or at least feel a familial draw, because he's decided to pay him a visit here in Budapest.

Dropping in on your cousin seems like a friendly thing to do, doesn't it? Let's review: currently I'm sitting in my office listening to helicopters circling the downtown. Instead of taking five minutes to walk to work this morning, I took nearly half an hour; I live in the sixth district and must cross one of the major arteries of the city, Bajcsy-Zsilinszky, to get to work. Turns out you can't cross Baj-Zsil right now: no pedestrians, no car traffic, no nothing. The fifth district, where POTUS is headed for very important slabs of Eszterhazy torta, is surrounded right now with a triple ring: cops, another line of cops, and a throng of hapless Pestieks trying desparately to get to work. (The fifth district is Budapest's Wall Street, so much of the banking and associated companies are within the ring of cops. As is my office.) I joined a group of sweaty, briefcase-clutching investment bankers moving from crosswalk to crosswalk, pleading with the cops to let us across to our offices. Finally, we found one who ushered a group of us from Erzsebet Ter to Oktober 6th, obviously an act of mercy. All this rumpus is of course following on the three day towing extravaganza that has cleared the inner city (including my street) of thousands of parked cars. The length of Bajcsy, Deak Ter, etc have been under police wraps since Monday night. And on top of that, all the guests in the Meridian Hotel on Deak Ter got uncerimoniously booted, no warning, on Monday night to make room for crowds of buzz-cut guys with ear pieces Subtle. Of course, maybe it is a decoy, and POTUS is actually staying elsewhere.

The real question, raised by the ever-astute Favorite Husband last night, is: where does it end? What's actually reasonable for a state visit? Is protecting the life of POTUS worth shutting down public transportation for hours, preventing people from working, closing Hungarian airspace, bringing in a rocket-proof motorcade and American helicopters, a thousand security dudes on top of all the Hungos who are going to be involved? What's a reasonable expense for the American and Hungarian people to bear? I live in a flat that overlooks Bajcsy where POTUS's rocketproof limo drove moments ago: my living room window is a perfect sniper's perch, as are thousands of others along the street. (Note to Secret Service: that's not a threat to POTUS, just an observation.) Would it be reasonable to make everyone who has a Bajcsy-facing window leave their apartments while POTUS drives by? Would it be reasonable to clear the downtown entirely and shut all businesses for the day? Do George and George really need to eat goose liver together in Budapest if it causes all this fuss, disarray, and inconvenience?

Two observations: based on the comments I heard on the street going to work, the anti-Bush rally planned at 4 pm this afternoon in front of the US embassy on Szabadsag Ter is probably going to be a lot bigger than it would have been if POTUS hadn't pissed off so many Pestieks by coming to town.

The second observation is that this POTUS has taken a lot of flak for not traveling enough, for staying home in America and receiving our allies in the White House. Following this experience, I have to say that I think this may have been one of his better decisions.

*POTUS= President of the United States, for those not into Secret Service lingo
**Continuing the theme, our next ambassador is slated to be George's (the Prez) ex-girlfriend.

Posted by Janet at 10:38 AM | Permalink | Comments (0)

I have a nasty suspicion this is what I sound like to my colleagues...

Posted by Janet at 02:14 PM | Permalink | Comments (3)

Onfocus has a post on how to secure Google Calendar (and Gmail) automatically. You can do this by hand each time you go to the sites by entering an "s" after the http (i.e., https:), but by installing the user script Onfocus suggests in Mozilla Firefox, you can ensure that your connection is secure each time you visit the sites. Hooray.

Note, though, that this doesn't mean that your calendar and email data is secure from Google: goodness, no. They can peak at it whenever they like. What it does mean is that the man in the middle (between your computer and Google's servers) doesn't have access to your data. While in the West this may not be such a big deal (or it may, regrettably), these kinds of simple-to-install automatic services are increasingly useful for users in countries where surveillance is more likely to be the norm. For those looking for quick-and-dirty information security (imperfect but better than nothing), this is a good thing to keep on tap.

Posted by Janet at 01:00 PM | Permalink | Comments (2)

As patient colleagues and Favorite Husband will attest, I do really love RSS feeds, believe they will largely govern how we receive information in useful ways in the future, and use every opportunity I get to pester hapless compatriots into installing RSS feed readers. Inevitably, the questions are (in this order): what is RSS? And: what RSS reader do you use?

Much has been written on both those questions, and I generally point people to the RSS wikipedia page and tell them I use FeedDemon (yours for only 29.95!). Arguably, having delivered the impassioned pitch that I do about RSS, more is needed than that. Alexandra Samuel has taken things a step further, and set up RSStocracy, complete with site buttons to guide the uninitiated to wisdom:

Perhaps even more useful is a very recent article (last week) by Ryan Stewart and Richard MacManus on Read/Write Web comparing rich RSS readers...if you're in the market for an RSS reader anytime in the next six months, take a look at this article. After that, well...probably out of date. And don't skip the comments at the bottom.

Thanks, Marnie!

Posted by Janet at 10:14 PM | Permalink | Comments (0)

Irrawaddy, a print and online magazine covering all things Burma, ran a great article earlier this week on the American Association for the Advancement of Science's project on Human Rights and Geospatial Information. The article cited the work the AAAS team has undertaken to document the destruction of villages in Zimbabwe. Click on the thumbail image at right to see the images, taken three years apart. This is evidence that is stark, and very difficult to argue with: in the first shot, a village is clearly visible and in the second, only foliage remains in what is clearly the same location. Where did the village, and the people who live there, go? Amnesty International answers this in last week's press release :

Amnesty International today released the first-ever satellite images of the wholesale destruction of a large community in Zimbabwe -- providing the clearest possible evidence to date of the devastating impact of the Zimbabwean government's policy of house demolitions.

"These satellite images are irrefutable evidence -- if further evidence is even needed -- that the Zimbabwean government has obliterated entire communities -- completely erased them from the map, as if they never existed," said Kolawole Olaniyan, Director of Amnesty International's Africa programme.

The organization commissioned the satellite images to demonstrate the complete destruction of Porta Farm -- a large, informal settlement that was established 16 years ago and had schools, a children's centre and a mosque. The organization also released graphic video footage showing the forced evictions taking place prior to the demolitions.

Irrawaddy's interest in the Zimbabwe story is close to home: the AAAS team is looking to using satellite technology and geospatial information to shed light on village destruction in Burma's Karen State, according to the Irrawady article. The technology could potentially also be used to look for secret prisons in Burma, or document the illegal destruction of hardwood forests allowed by the Burmese military junta. The geospatial team at AAAS is also looking at Sudan as a possible case study.

For organizations that work to shed light on human rights abuses in places where observers can rarely go, this type of documentation is priceless -- not only because it documents what the outside world cannot see, but because the documentation is visual, and can be used to create a compelling and graphic story.

That said, satellite imagery can be thwarted. Clouds, it turns out, are the enemy of satellite imagery, and so monitoring time-sensitive events can easily be scuppered by cloud cover. The creation of satellite imagery is of course not constant, so capturing a specific, single event may also be difficult, particularly when factoring in weather and nighttime. The AAAS' website on this project has a good set of resources to learn more about the use of geospatial information in the human rights context, including satellite and data resources and organizations that work with GIS.

Posted by Janet at 08:26 PM | Permalink | Comments (0)

Professor Ron Deibert, director of The Citizen Lab at the University of Toronto, alerted me a few weeks ago to a brief and helpful resource now on their website: an FAQ on Psiphon, the tool for circumventing internet censorship that Citizen Lab is developing. Psiphon works a bit differently than other circumvention tools now available, relying on social networks, or, as the developers at Citizen Lab call them, "networks of trust":

Who will use Psiphon?

Psiphon operates through networks of trust. There are Psiphon providers, who install and run the server in an uncensored country and Psiphon users who login and access the server from a country that censors the Internet.

How does Psiphon work?

Psiphon acts as a "web proxy" for authenticated users, retrieving requested web pages and displaying them in a user's browser. Psiphon uses a secure, encrypted connection to receive web requests from the Psiphon user to the Psiphon provider who then transports the results back to the Psiphon user. There is no connection between the Psiphon user and the requested website, as Psiphon transparently proxies the request through the Psiphon provider's computer allowing the Psiphon user to browse blocked websites seamlessly.

Both the FAQ -- which makes a complicated idea very accessible to the non-technical end-user -- and the nearness of Psiphon's release are very good news for the growing number of countries where online censorship is not just a threat, but a reality.

The bad news is that censorship circumvention remains a game of cat and mouse, a point highlighted today in a press release from Reporters Without Borders. The report they issued focused on the increased control and filtering internet users are experiencing in China, particularly in terms of access to Google; for China internet watchers, this isn't entirely unexpected. Particularly alarming, though, were the final three paragraphs of the release:

At the same time, the authorities have largely managed to neutralise software designed to sidestep censorship since 24 May. Such software as Dynapass, Ultrasurf, Freegate and Garden Networks is normally used by about 100,000 people in China to gain access to news and information that is blocked by the firewall isolating China from the rest of the worldwide web.

Bill Xia, the US-based exile who created Dynapass, said the jamming of these programmes had reached an unprecedented level and he was convinced the authorities were deploying considerable hardware and software resources to achieve it.

Software engineers based abroad have been trying to update these programmes on the basis of information they have received from Internet users inside China. A new version of Dynapass was released a few days ago, but its effectiveness is still extremely limited.

This is bad news, although a tool like Psiphon may be able to step effectively into the breech, at least for a period of time.

Posted by Janet at 10:58 PM | Permalink | Comments (0)