rigorousintuition.ca

Telecoms Helped Iran Government Censor Internet

http://www.youtube.com/watch?v=B_aqlTPRg_U

Deep Packet Inspection: Telecoms Aided Iran Government to Censor Internet, Technology Widely Used in US
http://www.democracynow.org/2009/6/23/d ... aided_iran

FREE PRESS
www.freepress.net

As thousands in Iran turn to the web to make their voices heard around the world, a new report finds telecoms in Europe have helped the Iranian government develop one of the worlds most sophisticated mechanisms to censor the internet. Its called deep packet inspection, and its also being used here at home. We speak with Josh Silver, executive director of Free Press.

The way deep packet inspection works is that you have sophisticated equipment that literally watches the entire internet, and it watches for every piece of data, voice, video that goes through and pulls out key words, it pulls out key—both written and spoken, and looking for things like rebel or grenade or what have you. And then it will trigger that, and that will go to the NSA version, in this case, in the country of Iran.companies like Cisco out in California, that have the ability to do this. Now, were not saying that AT&T, Verizon and Comcast are like the Iranian government, but we do see a problem where even our own president, with his progressive internet policy agenda, last year flipped on this issue and actually supported a Bush administration law that granted immunity to the largest phone and cable companies for turning over citizens private records to the government, which was illegal at the time.

But the potential of this technology to give government this sort of Big Brother monitoring ability, which goes way beyond any of the constitutional protections that are in our original Constitution, are really a cautionary tale and should have everyone in this country on notice. It is notable that theres been very little follow-up coverage of this issue since yesterdays Wall Street Journal piece.

The warrantless wiretapping program was widely considered illegal. After abruptly switching his position in midcampaign, then-Sen. Barack Obama voted along with most in Congress to grant telecom companies like AT&T and Verizon retroactive immunity from prosecution. The New York Times recently reported that the NSA maintains a database called Pinwale, with millions of intercepted e-mail, including some from former President Bill Clinton.

U.S. Attorney General Eric Holder was recently asked by Sen. Russ Feingold if he felt that the original warrantless wiretap program was illegal:

Feingold: [I]s there any doubt in your mind that the warrantless wiretapping program was illegal?

Dissenters in Iran and Cha persist despite repression that is enabled in part by equipment from U.S. and European companies. In the U.S., the Obama administration is following a dangerous path with Bush-era spy programs that should be suspended and prosecuted, not extended and defended.

To find out more about deep packet inspection and concerns about how this kind of technology can be used, were joined via Democracy Now! video stream by Josh Silver, the executive director of Free Press, freepress.net.

WSJ: Nokia, Siemens Help Iran Spy on Internet Users
By Kim Zetter June 22, 2009 | 3:10 pm | Categories: Surveillance


How do you say “Operation Pinwale” in Farsi?

According to a somewhat confusing Wall Street Journal story, Iran has adopted NSA-like techniques and installed equipment on its national telecommunication network last year that allows it to spy on the online activities and correspondence — including the content of e-mail and VoIP phone calls — of its internet users.

Nokia Siemens Networks, a joint venture between Germany’s Siemens and Finland’s Nokia, installed the monitoring equipment late last year in Iran’s government-controlled telecom network, Telecommunication Infrastructure Co., but authorities only recently engaged its full capabilities in response to recent protests that have broken out in the country over its presidential election.

The equipment allows the state to conduct deep-packet inspection, which sifts through data as it flows through a network searching for keywords in the content of e-mail and voice transmissions. According to the Journal, Iran seems to be doing this for the entire country from a single choke point. “Seems,” because although the Journal states that Nokia Siemens installed the equipment and that signs indicate the country is conducting deep-packet inspection, the paper also says “it couldn’t be determined whether the equipment from Nokia Siemens Networks is used specifically for deep packet inspection.”

Although the Journal has published questionable “spying” stories in the past, we’re willing to go with them on this one.

It’s previously been reported that Iran was blocking access to some web sites for people inside the country as protesters took to the streets and the internet to dispute the results of the country’s recent presidential election.


But sources told the Journal that the government’s activities have gone beyond censorship to massive spying. They say the deep-packet inspection, which deconstructs data in transit then reconstructs it, could be responsible for network activity in Iran having recently slowed to less than a tenth of its regular speed. The slowdown could be caused by the inspection at a single point, rather than at numerous network points, as China reportedly does it.

A brochure promoting the equipment sold to Iran says the technology allows for “the monitoring and interception of all types of voice and data communication on all networks.”

A spokesman for Nokia Siemens Networks defended the sale of the equipment to Iran suggesting that the company provided the technology with the idea that it would be used for “lawful intercept,” such as combating terrorism, child pornography, drug trafficking and other criminal activity. Equipment installed for law enforcement purposes, however, can easily be used for spying as well.

“If you sell networks, you also, intrinsically, sell the capability to intercept any communication that runs over them,” the spokesman told the Journal.

He added that the company “does have a choice about whether to do business in any country” but said, “We believe providing people, wherever they are, with the ability to communicate is preferable to leaving them without the choice to be heard.”

In March, the company sold off its monitoring technology to a German investment firm.

Nokia doing business with Turkmenistan dictatorship
Finnish film documents foreign business dealings with oppressive regime

The controversial so-called Lex Nokia bill was approved by the Finnish Parliament (Eduskunta) in a divided vote 96 to 56, with 47 Members of the Parliament not casting their vote. The Government ranks were split and public opinion was overwhelmingly against it – polls showed that as many as 78% of Finns opposed the bill.

The proposed bill had an amazing development from the beginning. In autumn 2004, a law on data protection for electronic communication came into effect, but the business community was never happy with it. According to Helsingin Sanomat, Finland’s main daily newspaper, by that time “Nokia continues to spy on the e-mails of its employees”.

The origin of the newly-passed bill goes back to April 2005 when Nokia made a criminal complaint to the National Bureau of Investigation (NBI) concerning a suspicion that corporate secrets had been leaked to the Chinese competitor Huawei via e-mail. Two months before, a Nokia employee had discovered at the International Communication Fair in Cannes, France, that the power unit of a Huawei phone looked identical to Nokia’s product presented at the same fair. Looking for evidence of a leak, Nokia started to dig through the employee’s e-mail.

According to the law experts, the company was acting outside the law and violating the employee’s fundamental right of confidential communication, but the company did not freely accept these comments. According to Helsingin Sanomat, “The company felt that the law, and not Nokia, had it wrong.”

The influential paper states that at this point the world leader of the mobile phone industry took out it most severe weapon: it threatened to leave Finland if the law was not changed. This would be a devastating blow to the State budget, since the State receives an annual 1.3 billion euros from Nokia, which means one-fifth of the entire corporate taxes of Finland. On the prime-time TV programme “A-Plus”, Nokia CEO Oli-Pekka Kallasvuo denied that Nokia had made any pressure, “Nokia is not thinking of leaving Finland. We don’t have any preconceived plans in this respect.”

Prime Minister Matti Vanhanen and Nokia spokeswoman Arja Suominen also rejected all the accusations. “Nokia is in no way threatening to move,” she said to the New Agency SST, adding that “Helsingin Sanomat’s article is quite polemic. It contains many mistakes and misunderstandings.” Despite this affirmation, at the time of going to print, no lawsuit has been filed by Nokia against Helsingin Sanomat for the article.

After these negations, high-ranking civil servants came out to state that during the preliminary stage of the bill preparation representatives of the Confederation of Finnish Industries came strongly in negotiations to support the law. Helsingin Sanomat quotes the Under-Secretary to the Ministry of Economic Affairs, Markku Wallin, as saying, “During the preparation process of the law, there were threats made that Nokia would leave Finland if the law didn’t pass.” The director of the Union of Salaried Employees, Antti Rinne, also told the newspaper that he had heard of the threat.

Once the bill went to Parliament in April 2008, the Constitution Law Committee called eight of the most prominent Finnish law experts. Seven of them rejected the bill as being in contradiction with the basic constitutional rights regarding the freedom of expression. After this overwhelming opinion of the law professors, the chairman of the Constitutional Committee Kimmo Sasi told media, “It is true that academicians are not supporting the bill, but we thought in a different way.”

The new data protection law allows employers to monitor their workers electronic correspondence for information including the sender and the recipient of e-mails, the time it was sent and the size of its attachment. So far, the law, by itself, does not allow digging into the contents of the message, but the major fear of critics of the law is that anyone furnishing internet services (not only employers, but also libraries, or schools) can look into what internet pages one visits and to whom is sending emails. From this to blackmail, pressures and misuse of data is only a step.

One of the academicians that spoke to the Constitutional Committee was Information and Technology Law Professor Jukka Kemppinen said that, in the final instance, the law is about the right to free expression. How does this go with Nokia’s slogan “Connecting people” which implies connections are made on the bases of free expression ?

nathan28 wrote:I'd be curious why the telecoms cooperate so readily. It is another schizophrenic symptom--B-roc institutes Warrantless Wiretaps We Can Believe In, meanwhile in Iran the same (US) companies help the gov't spy their. Seems, hmm, oddly duplicitious--Helping Us And Our State Enemies--but at the same time oddly consistent.

I have a Sprint modem, so my IP is dynamic (at least whenever I check it it is)

Jim Killock (Open Rights Group): The Irish and Slovakian governments have just lost a battle in the European Court of Justice to stop the EU's Data Retention Directive, which is already in force in the UK. This means that all EU states have to compel operators to keep network traffic we all generate - a serious erosion of our fundamental human right to privacy.

Let's not pretend that the Irish government were acting to protect our privacy however - they already force Irish ISPs to retain communications traffic data for three years. Their stance was political, standing against the use of market harmonisation procedures, with their use of qualified majorities, for matters which ought to be dealt with unanimously as police matters.

The judgement implies that retention of our data is a commercial matter, and not a policing matter; but far more fundamental - as we and forty one other human rights and privacy organisations argued to the court is the incompatibility of this directive with human rights law.

Our privacy is recognised by European and British courts as a matter of right. The European Human Rights Convention states quite clearly that we have a right to a private life and correspondence, and the European Court of Human Rights has stated that traffic data is ‘an integral element in the communications made'.

We argued at the time that the Irish government started their case that the Directive should be rejected on purely human rights grounds. Now that this argument has in effect been finally rejected, along with the Irish government's political pleas, it's worth going back and seeing what human rights organisations said to the Court. I've selected here just a few ways that data retention could lead to abuses in a very real way. (It's a long document but well worth looking at in full. Some of the problems may well come back to bite us in years to come.)

Furthermore, retaining traffic data creates potential risks of abuse by state agencies. Traffic data can be extremely useful for political control, eg by intelligence agencies. Experience shows that the risk of powers being abused, especially where they are exercised in secret, must not be underestimated even in Europe.

Furthermore, where the government prevents the effective protection of personal data because of its appetite for surveillance, it opens up the gates for misuse of the data by third parties. Innumerable facts about the private life of prominent members of the public could be obtained by analysing traffic data. In the event of unauthorised access to retained traffic data, politicians could be forced to resign and officials could be blackmailed.

...

Where data retention takes place, citizens constantly need to fear that their communications data may at some point lead to false incrimination or governmental or private abuse of the data. Because of this, traffic data retention endangers open communication in the whole of society. Individuals who have reasons to fear that their communications could be used against them in the future will endeavour to behave as unsuspiciously as possible or, in some cases, choose to abstain from communicating altogether. Such behaviour is detrimental to a democratic state that is based on the active and unprejudiced involvement of citizens. This chilling effect is especially harmful in cases which attract abuses of power, namely in the case of organisations and individuals who are critical of the government or even the political system. Blanket traffic data retention can ultimately lead to restricted political activity, bringing about damage to the operation of our democratic states and thus to society.

Traffic data retention also causes increased efforts in the development of countermeasures such as technologies of anonymisation. Where the state indirectly encourages anonymous communications in its pursuit of surveillance, it will ultimately damage its power to intercept telecommunications even in cases of great danger.

Main Results of the Council: The Council adopted a Declaration condemning the terrorist attacks on London.

COUNCIL DECLARATION ON THE EU RESPONSE TO THE LONDON BOMBINGS

The Council adopted the following Declaration:

"The Council of the European Union:

1. Condemns the terrorist attacks on London. It sends its profound condolences to the victims and their families, in honour of whom two minutes of silence will be held across the European Union on Thursday 14 July at 12:00 (London time). It stands united in solidarity as it did after the attacks on Madrid last year, and is absolutely determined that the terrorists will not succeed.

2. Considers that the attacks are an affront to universal values on which the European Union is based. Central to those values is a commitment to democratic and open institutions and societies governed by the rule of law within which people of all faiths and backgrounds can live, work and prosper together. The terrorists who reject that commitment and seek to use violence to impose their ideas will be defeated.

3. Strengthens its commitment to combating terrorism and upholding the fundamental principles of freedom, security and justice. Working with the assistance of the EU Counter-Terrorism Co- ordinator, and with the European Commission and the European Parliament, the Council will accelerate implementation of the EU Action Plan on Combating Terrorism and other existing commitments.

4. Declares that its immediate priority is to build on the existing strong EU framework for pursuing and investigating terrorists across borders, in order to impede terrorists' planning, disrupt supporting networks, cut off any funding and bring terrorists to justice.

- The Council will:

agree the Framework Decisions on the Retention of Telecommunications Data (October 2005), on the European Evidence Warrant (December 2005), and on the exchange of information between law enforcement authorities (December 2005); adopt the Decision on the exchange of information concerning terrorist offences (September 2005);
combat terrorist financing by: agreeing by December 2005 a Regulation on Wire Transfers; adopting the Third Money Laundering Directive and the Regulation on cash control by September 2005; agreeing a Code of Conduct to prevent the misuse of charities by terrorists (December 2005); reviewing the EU's performance overall (December 2005) and urging Member States to ensure that comprehensive financial investigation is a part of all terrorist investigations and to develop robust asset freezing powers.

- In addition, the Council urges Member States to:
intensify the exchange of police and judicial information, in particular through Europol (and its Counter-Terrorist Task Force) and Eurojust, and improve support from Member States' security and intelligence services to the EU Situation Centre, in accordance with the Hague Programme (report December 2005);

improve information sharing on lost and stolen explosives, including by drawing on the Commission's forthcoming communication on explosives.
implement the recommendations that arise from the peer evaluation process in order to improve national counter-terrorism arrangements and capabilities.
make full use of joint investigation teams.

- The Council calls on the Commission to:
present proposals on data protection principles in the field of law enforcement and, in accordance with the Hague programme, on the principle of availability by October 2005 and, on that basis, to bring forward the communication on enhanced interaction between the VIS, SIS II and EURODAC and proposal for law enforcement access to the VIS by November 2005.

nathan28 wrote:I'd be curious why the telecoms cooperate so readily. It is another schizophrenic symptom--B-roc institutes Warrantless Wiretaps We Can Believe In, meanwhile in Iran the same (US) companies help the gov't spy their. Seems, hmm, oddly duplicitious--Helping Us And Our State Enemies--but at the same time oddly consistent.

I have a Sprint modem, so my IP is dynamic (at least whenever I check it it is)

PC giants ship Chinese censorware anyway

The porn filter that keeps you from typing

By Cade Metz in San Francisco

Though the Chinese government has delayed plans to require the shipment of the highly-controversial Green Dam filtering app with all new PCs, several big-name PC manufacturers are shipping the thing anyway.

According to the Associated Press, Acer, Sony, and China's the Haier Group are including Green Dam on disk with new PC shipments to China, while Lenovo is offering the censorware either pre-installed or on disk. Taiwan's BenQ told the news service that Green Dam was loaded on the hard drives of its computers.

Sony said it did not know how long it would ship the software, while Acer and Lenovo said the software had already been paired with machines before the Chinese government decide to delay its mandate. Other PC giants - including HP, Dell, and Toshiba - are still undecided on whether they include Green Dam with new PCs.

Originally, Beijing said it would require the shipment of Green Dam with all new PCs beginning yesterday, July 1. Beijing then appeared to abandon the plan, but according to the English language China Daily, the mandate has simply been delayed.

"The government will definitely carry on the directive on Green Dam. It's just a matter of time," an unnamed official told China Daily. The official went on to say that it delayed the mandate because some PC manufacturers were unable to meet the original deadline. "What will happen is that some PC manufacturers will have it included with their PC packages sooner than the others," he said.

And that's indeed the case.

In shipping the software, Acer, Sony, and Lenovo have defied cease and desist letters from US software maker Solid Oak, which claims that Green Dam includes code pirated from its Cybersitter net-filtering tool.

"We're not pleased," Solid Oak CEO Brian Milburn tells The Reg. "They've basically ignored our [cease and desist letters]. I assume they feel they feel they'll deal with it when the time comes. But at this point, they're knowing infringers. They're distributing pirated software. I find it kind of ironic that a company like Sony - which aggressively attacks piracy of its movies and music catalog - turns around and pushes out CDs with their computers that contain pirated content."

Solid Oak details its claims here (PDF), listing proprietary Cybersitter files distributed with Green Dam and pointing to similarities in the interfaces fronting the two apps.

The software maker is exploring the possibility of suing the makers of Green Dam - Jinhui Computer System Engineering and Dazheng Language Knowledge Process Technology Co. Ltd. - as well as those PC manufacturers who've shipped the censorware. "We're talking with both attorneys here in the United and China," Milburn says. "We're trying to distill all this information down and decide what we need to do."

Multiple Chinese law firms, Milburn tells us, have offered to represent the company free of charge.

Beijing bills Green Dam as a means of protecting children from online smut, associating a porn-free net with greenness. But according to Solid Oak and independent researchers who have examined the censorware, it also prevents PC users from reading online political material - or even typing certain terms or urls on their own machines.

"The version of the Green Dam software that we tested, when operating under its default settings, is far more intrusive than any other content control software we have reviewed," reads a report from the OpenNet Initiative.

"Not only does it block access to a wide range of web sites based on keywords and image processing, including porn, gaming, gay content, religious sites and political themes, it actively monitors individual computer behavior, such that a wide range of programs including word processing and email can be suddenly terminated if content algorithm detects inappropriate speech."

This is confirmed by Brian Milburn and Solid Oak. If you type certain words related to Falun Gong, for instance, Green Dam shuts down your notepad.

What's more, Milburn says, Green Dam is now "almost useless" as smut filter. After Solid Oak complained of piracy, he says, Green Dam's developers disabled Cybersitter's porn blacklist. "Their own blacklist has only about 6,000 sites on it and many don't exist any more," Milburn tells us. "You can surf all day for porn and you won't be blocked." ®