- ooni-talk - lists.torproject.org

Report: Sierra Leone network disruptions amid 2018 runoff elections
by Maria Xynou 05 Apr '18

05 Apr '18

Hello, Today OONI and Sierra Leone's Campaign for Human Rights Development International (CHRDI) published a joint research report examining the network disruptions that occurred last weekend amid Sierra Leone's 2018 runoff elections. Our report is available here: https://ooni.torproject.org/post/sierra-leone-network-disruptions-2018-elec… https://twitter.com/OpenObservatory/status/981899863012139008 Throughout the election period, we have been coordinating on the collection and analysis of OONI Probe network measurements. OONI data did not show any signs of internet censorship, but the testing of WhatsApp and Facebook Messenger indicated some form of performance degradation on the network. Last weekend, locals reported that an internet blackout occurred following the runoff elections, so we referred to third party data sources to investigate further. Google traffic and BGP announcement data aggregated and published by RIPE show that two network disruptions occurred in Sierra Leone last weekend: 1. In the early hours of 30th March 2018 (before the runoff elections) 2. Late at night on 31st March 2018 and in the early hours of 1st April 2018 (after the runoff elections) We reached out to Sierra Leone Cable Company (SALCAB), Africell, Orange, and ACE to better understand how and why the two network disruptions occurred. So far, we have only received a reply from the Vice Chair of ACE, who claims that the network disruption was caused by an ACE submarine cable cut and that they did not receive any government orders to switch off the internet. SALCAB has also released a public statement, denying reports regarding government orders to shut down the internet, and arguing that the network disruptions were caused by issues pertaining to the cable cut. It's worth highlighting though that the two network disruptions appear to be different. In the first case, Google traffic and BGP data only show a partial disruption (with only a few ASNs and subnets affected), and neighboring Guinea and Liberia appear to have been affected as well. This could be explained by the ACE cable cut. In the second case however, Google traffic shows a complete drop in traffic from Sierra Leone to Google Search, while BGP data shows that most prefixes were withdrawn. No neighboring countries appear to be affected by the second disruption, even though it was more severe than the first. This suggests that an internet blackout likely occurred. We will update our report when/if we receive further information from the providers we reached out to. Thanks for reading, and please feel encouraged to share any information you may have on this case. Thank you. ~ OONI team. ** -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

New methodology: Investigating internet blackouts
by Maria Xynou 04 Apr '18

04 Apr '18

Hello, It's 404 day and I'd like to announce that the OONI team is creating a new methodology for investigating internet blackouts worldwide! OONI Probe is designed to measure various forms of censorship, but internet blackouts (i.e. when the internet is switched off completely) is not currently one of them. We have therefore relied on third party data sources (such as Google traffic and BGP announcement data published by RIPE) to investigate internet blackouts. While these data sources are extremely useful, the problem is that it's challenging to drill down to internet blackouts that occur on a regional level, and to collect more fine-grained metrics. We therefore thought: Why not engage our existing, global OONI Probe community to investigate internet blackouts on the ground? To this end, we're experimenting with the creation of a new methodology that will be included in future OONI Probe mobile app releases, enabling community members to participate in internet blackout investigations. If you're interested in learning all the technical details (and the reasoning behind our choices), please read our documentation: https://ooni.torproject.org/post/investigating-internet-blackouts/Investiga… Otherwise, please read our announcement blog (https://ooni.torproject.org/post/investigating-internet-blackouts/) and share the word (https://twitter.com/OpenObservatory/status/981554659763638273) This methodology is quite experimental. We'd appreciate any feedback you can provide! Thanks, Maria (on behalf of the OONI team). -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

Reminder: OONI Community Meeting tomorrow
by Maria Xynou 26 Mar '18

26 Mar '18

Hello, I'm sending this email as a reminder that OONI's March community meeting will take place tomorrow. Where: https://slack.openobservatory.org (OONI Slack channel) or #ooni on IRC When: Tuesday, 27th March 2018 at 14:00 UTC (for 1 hour) Please add topics that you would like to discuss as part of the meeting here: https://pad.riseup.net/p/ooni-community-meeting Looking forward to connecting with you tomorrow! Cheers, Maria. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

OONI Community Meeting: Tuesday 27th March 2018
by Maria Xynou 23 Mar '18

23 Mar '18

Hello, The OONI team warmly welcomes you to join us next week for our monthly community meeting. Where: https://slack.openobservatory.org/ (OONI Slack channel) When: Tuesday, 27th March 2018 at 14:00 UTC (for 1 hour) We'd love to hear your thoughts and suggestions on how we can improve our tools and research methodologies. Please add topics that you would like to discuss as part of the meeting in this pad: https://pad.riseup.net/p/ooni-community-meeting If you're not able to join us, please feel encouraged to join us on Slack or IRC any other day! Looking forward to connecting with you soon! All the best, ~ The OONI team. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

Iran Protests: DPI blocking of Instagram (Part 2 of research)
by Maria Xynou 15 Feb '18

15 Feb '18

Hello, Earlier this year we published research on the blocking of Telegram and Instagram during the Iran protests: https://ooni.torproject.org/post/2018-iran-protests/ OONI's Leonid has carried out further analysis of network measurements, based on which he found that Instagram was blocked through the use of DPI which targeted the TLS protocol during the Iran protests. His findings are available in OONI's latest blog post: https://ooni.torproject.org/post/2018-iran-protests-pt2/ (https://twitter.com/OpenObservatory/status/964054743143321600) We previously thought that Instagram was blocked by means of DNS tampering, but that turned out to be a false positive (it was in fact blocked by DPI targeting TLS). This is yet another case that shows the challenges in terms of accurately identifying cases of DNS-based censorship, and distinguishing them from false positives. There are many other cases that may look like DNS-based censorship, but aren't. Leonid previously published a post identifying cases of DNS misconfiguration: https://ooni.torproject.org/post/not-quite-network-censorship/ We therefore encourage you to please reach out if you'd like to share knowledge/ideas/heuristics that can help improve our methodologies in relation to identifying cases of DNS-based censorship (and distinguishing them from false positives). Our current methodologies are available here: https://ooni.torproject.org/nettest/web-connectivity/ (and here are some of our ideas for future tests: https://github.com/TheTorProject/ooni-probe/issues/647) Thank you! ~ The OONI team. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

New post on mining OONI data
by Maria Xynou 07 Feb '18

07 Feb '18

Hello, OONI's Leonid published a post today which explains how to mine OONI data via Amazon S3 buckets and other sources: https://ooni.torproject.org/post/mining-ooni-data/ As you may already know, OONI data is publicly available via OONI Explorer and the OONI API (https://ooni.torproject.org/data/) but these resources currently present various limitations. If you're interested in downloading the full batch of raw OONI data faster, you can do so via the ooni-data Amazon S3 bucket. The post provides instructions and examples of extracting OONI data from Amazon S3 buckets. Instead of downloading all OONI data, you may find it useful to work with a metadata database to identify the subset of measurements that you want to download for further processing. In this case, you can get a PostgreSQL database dump and run SQL queries on it. Learn more through the post. Happy mining! -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

OONI Community Meeting: Tuesday 30th January 2018
by Maria Xynou 29 Jan '18

29 Jan '18

Hello, The OONI team warmly welcomes you to join us next week for our monthly community meeting. Where: https://slack.openobservatory.org/ (OONI Slack channel) When: Tuesday, 30th January 2018 at 14:00 UTC (for 1 hour) We'd love to hear your thoughts and suggestions on how we can improve our tools and research methodologies. Please add topics that you would like to discuss as part of the meeting in this pad: https://pad.riseup.net/p/ooni-community-meeting If you're not able to join us, please feel encouraged to join us on Slack or IRC any other day! Looking forward to connecting with you soon! All the best, ~ The OONI team. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 1

New tests included in OONI Probe mobile apps
by Maria Xynou 16 Jan '18

16 Jan '18

Hello Oonitarians, The latest release of the OONI Probe mobile apps includes 3 new tests: 1. WhatsApp test: https://ooni.torproject.org/nettest/whatsapp/ 2. Facebook Messenger test: https://ooni.torproject.org/nettest/facebook-messenger/ 3. Telegram test: https://ooni.torproject.org/nettest/telegram/ These tests are designed to measure the blocking of WhatsApp, Facebook Messenger, and Telegram. They were already included in the desktop versions of OONI Probe (Linux and macOS), but now they have also been integrated in the mobile versions as well (Android and iOS). This means that you can easily run these tests with the tap of a button (literally) via the OONI Probe mobile apps! WhatsApp and Facebook Messenger are frequently blocked in many countries around the world, while Telegram was recently blocked in Iran. By running these tests, you can collect network measurement data showing which ISPs block these apps, how, when, and where. If you're an Android user, consider enabling the "Run tests automatically" option in the settings for automatic daily testing. You can install the OONI Probe mobile apps via the following links: * Android: https://play.google.com/store/apps/details?id=org.openobservatory.ooniprobe * iOS: https://itunes.apple.com/us/app/id1199566366 Happy to address any questions. Cheers, Maria. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

OONI in 2018
by Maria Xynou 09 Jan '18

09 Jan '18

Hello friends, Happy new year! Wish you all the very best for 2018 (and all the other years to come). As the end of 2017 approached, we published a blog post summarizing some OONI highlights from 2017: https://ooni.torproject.org/post/ooni-in-2017/ Many of these things wouldn't have been possible without the measurements you collect, the test lists you review, the research reports you contribute to, the feedback you provide, and your tireless community engagement efforts. So on behalf of the OONI team, I would like to warmly THANK YOU all for everything! We have exciting things coming up for 2018 and we hope to collaborate with you on them. These are listed in the aforementioned blog post, and include: 1. *New OONI Probe desktop apps for Windows and macOS:* Our aim is to build desktop apps <https://ooni.torproject.org/post/writing-a-modern-cross-platform-desktop-ap…> that are as easy to install and use as popular software, enabling more communities to engage with censorship measurement research. 2. *Censorship Alert System:* We aim aim to disseminate timely alerts of emergent censorship events around the world through the analysis of OONI data. 3. *Internet Blackout Monitoring methodology:* We’ll be creating a methodology <https://ooni.torproject.org/post/examining-internet-blackouts/> for automatically detecting and examining internet blackouts (i.e. when the internet as a whole is rendered inaccessible), supporting #KeepItOn <https://www.accessnow.org/keepiton/> and other advocacy efforts. 4. *OONI Probe Orchestration System (OPOS):* Dynamically instrumenting <https://github.com/TheTorProject/ooni-spec/blob/master/opos/OONI-Probe-Orch…> the collection of OONI Probe measurements from around the world, particularly in response to emergent censorship events. 5. *Revamped OONI Explorer:* We’ll be revamping OONI Explorer <https://explorer.ooni.torproject.org/world/> to improve upon its design and usability, enable the export of CSV files, and to present the top censorship findings per country based on OONI data (which will automatically be updated on an ongoing basis). 6. *Revamped mobile apps:* We’ll be revamping the OONI Probe mobile apps <https://ooni.torproject.org/install/> to improve upon their design and usability, and to include more tests. 7. *Revamped OONI website:* We’ll also be revamping the OONI website <https://ooni.torproject.org/> to improve upon its design and usability and to include more content pages. 8. *Research reports:* We’re eager to work with you to publish more research reports on internet censorship. We'll be reaching out to you for specific feedback and involvement, but for now, I just wanted to share a brief overview. Feedback is always appreciated, and happy to address any questions you may have. Looking forward to an exciting year! Cheers, Maria. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

Iran Protests: OONI data confirms censorship events
by Maria Xynou 05 Jan '18

05 Jan '18

Hi, OONI just published a report on the analysis of network measurements collected from (7 networks in) Iran over the last week, confirming the blocking of Telegram, Instagram, and Facebook Messenger. This report is available here: https://ooni.torproject.org/post/2018-iran-protests/ OONI data shows that Iranian ISPs started blocking access to Telegram and Instagram on 31st December 2017 by means of DNS and TCP blocking. Irancell (AS44244) however only started blocking access to these services on 2nd January 2018. Facebook Messenger was already blocked (by means of DNS tampering), independently from the recent protests. We previously reported on the blocking of Facebook Messenger in our last Iran report: https://ooni.torproject.org/post/iran-internet-censorship/ OONI data shows that WhatsApp is accessible in all tested networks in Iran. Tor Metrics show a spike in Tor usage in Iran on 31st December 2017 (most likely in response to the blocking of Telegram and Instagram), but a sudden drop thereafter, indicating an increased blocking of the Tor network. OONI data corroborates Tor Metrics and suggests that Iranian ISPs started throttling access to the Tor network on 31st December. Some ISPs started blocking access to the Tor network on 1st January. But the Tor network appeared to be blocked in all networks (where measurements were collected) in Iran on 2nd January 2018. To circumvent the censorship, we recommend the use of obfs4 bridges (particularly since bridge reachability tests show that they work). We will continue to monitor the situation. If you're interested in reproducing these findings in Iran, you can do so by running OONI Probe: https://ooni.torproject.org/install/ All network measurement data is made publicly available: https://ooni.torproject.org/data/ All the best, Maria. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0