- ooni-talk - lists.torproject.org

OONI article for Data Driven Journalism project
by Maria Xynou 25 Oct '17

25 Oct '17

Hello Oonitarians, Today the Data Driven Journalism project published our article on "Investigating internet censorship with OONI data", which you can read here: http://datadrivenjournalism.net/resources/ooni_data Cheers, Maria. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

OONI team meeting in Montreal
by Maria Xynou 21 Oct '17

21 Oct '17

Hello Oonitarians, The OONI team met in Montreal for a 4-day meeting (right before the Tor meeting) between 7th-10th October 2017. We published a post where we share: * The main things we're working on these days * Information about the sessions we held at our meeting and session notes * Meeting outcomes You can read this post here: https://ooni.torproject.org/post/ooni-team-meeting-montreal-2017/ We'd love to hear your thoughts and address any questions you may have. Cheers, Maria. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

New Report on Internet Censorship in Pakistan
by Maria Xynou 18 Oct '17

18 Oct '17

Hello Oonitarians, Today, in collaboration with Bytes for All Pakistan, the Open Observatory of Network Interference (OONI) published a research report examining internet censorship in Pakistan over the the last three years. The report, titled "*Internet Censorship in Pakistan: Findings from 2014-2017*", is available here: https://ooni.torproject.org/post/pakistan-internet-censorship/ https://twitter.com/OpenObservatory/status/920588717508751360 This study includes an analysis of thousands of network measurements collected (through the use of OONI Probe) from 22 local vantage points in Pakistan over the last three years. We *confirm the blocking of 210 URLs in Pakistan*. Explicit blockpages were served for many of those URLs, while others were blocked by means of DNS tampering. In many cases, Pakistani ISPs appear to be applying "smart filters", selectively blocking access to specific webpages hosted on HTTP, rather than blocking access to entire domains. Overall, we only found ISPs to be blocking the HTTP version of sites, potentially enabling censorship circumvention over HTTPS (for sites that support encrypted HTTPS connections). We found a wide range of different types of sites to be blocked, including LGBT sites, communication tools, and pornography, amongst others. Notably, most of the blocked URLs include: * Sites hosting content pertaining to the controversial "Everybody Draw Mohammed Day" * Web proxies The blocking of sites related to "Draw Mohammed Day" is legally justified under Pakistan's Penal Code, which prohibits blasphemy. Similarly, the blocking of other sites (such as pornography and other sites promoting provocative attire) can be justified under Pakistan's laws and regulations. However, we also found the *sites of the Baluch and Hazara ethnic minority groups to be blocked *as well. According to human rights groups, these minorities have experienced discrimination and abuse by authorities. These censorship events may be politically motivated. On a positive note, we found popular communication tools, like WhatsApp and Facebook Messenger, to be accessible. Quite similarly, the Tor network was accessible in most networks throughout the testing period. All data collected from Pakistan is publicly available here: https://api.ooni.io/files/by_country/PK ~ The OONI team. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

Report on blocking of Catalan referendum sites
by Maria Xynou 03 Oct '17

03 Oct '17

Hello Oonitarians, Today, in collaboration with our friends at Virtual Road, OONI published a post on the blocking of Catalan referendum sites. You can read our post here: https://ooni.torproject.org/post/internet-censorship-catalonia-independence… This report links to network measurements collected from three local networks over the last week, examining the blocking of domains associated to Catalonia's independence referendum. *Our findings confirm the blocking of 25 Catalan referendum sites between 25th September 2017 (when OONI Probe testing started) to 1st October 2017 (referendum day).* France Telecom Espanya (AS12479) and Euskaltel (AS12338) blocked these sites by means of DNS tampering, while Telefonica/Movistar (AS3352) served block pages through the use of HTTP transparent proxies. While Telecom Espanya and Euskaltel were not found to be blocking seized .cat domains, we found Telefonica to be serving block pages even for .cat domains already seized. This case highlights the need to measure internet censorship everywhere, even in countries that we consider to be less likely to censor information. We can't go back in time and run measurements, but we can always be prepared. ;) You can consider running OONI Probe in your country through our installation information here: https://ooni.torproject.org/install/ You can also explore OONI data further here: https://explorer.ooni.torproject.org/world/ All the best, Maria. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

OONI community meeting, tomorrow 29th September
by Maria Xynou 28 Sep '17

28 Sep '17

Hello Oonitarians! The OONI team warmly welcomes you to join us**for our *monthly **community meeting tomorrow**, Friday 29th September 2017, at 14:00 UTC.* This week we launched OONI Run (https://run.ooni.io/) a new OONI Probe mobile app feature that enables you to choose the sites you want to test for censorship. We also published a research report on Iran: https://ooni.torproject.org/post/iran-internet-censorship/ We'd love to hear your thoughts and suggestions on how we can improve our tools and research methodologies. Please join us tomorrow on *https://slack.openobservatory.org* and add topics that you would like to discuss as part of the meeting in this pad: https://pad.riseup.net/p/ooni-community-meeting If you're not able to join us, please feel encouraged to join us on slack any other day! Looking forward to connecting with you soon! All the best, ~ The OONI team. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

New report: Internet Censorship in Iran, 2014-2017
by Maria Xynou 28 Sep '17

28 Sep '17

Hello Oonitarians, Today, in collaboration with ASL19, ARTICLE 19 and Small Media, the OONI team released a new research report: *Internet Censorship in Iran: Network Measurement Findings from 2014-2017.* You can read the report here: https://ooni.torproject.org/post/iran-internet-censorship/ We also published a summary of the report on the Tor blog: https://blog.torproject.org/internet-censorship-iran-findings-2014-2017 https://twitter.com/OpenObservatory/status/913454524450447365 This study involves the analysis of thousands of network measurements collected from 60 networks across Iran over the last 3 years. OONI data confirms the blocking of 886 domains (and 1,019 URLs overall), most of which include news outlets and human rights sites. The breadth and scale of internet censorship in Iran is pervasive, since we found a wide range of different types of sites to be blocked, with the blocking extending beyond a simple definition of legality. Blocked domains include search engines (such as google.com and duckduck.go), online social networks (e.g. facebook.com, twitter.com, plus.google.com) media sharing platforms (e.g. instagram, flickr.com, youtube.com) blogging platforms (e.g. wordpress.com, blogger.com) and communication tool sites (such as viber.com and paltalk.com) We also found Facebook Messenger to be blocked by means of DNS tampering. But**blocked domains also include opposition sites, pro-democracy sites, and even the sites of digital rights groups in our community, such as: EFF, CDT, Freedom House, ASL19, ARTICLE 19, Global Voices, The Citizen Lab, and Reporters Without Borders. Iranian ISPs appear to have shifted their practices from applying "smart filters" (only censoring specific webpages) to "blanket censorship" (censoring entire sites). Previously, they used to limit their censorship to specific webpages hosted on HTTP. But over the last years, as more sites have adopted HTTPS, we found that most ISPs blocked access to both the HTTP and HTTPS versions of sites (since it's not possible to target specific webpages when a site is hosted on HTTPS). What's interesting is that we found internet censorship in Iran to be non-deterministic.**By this we mean that we found ISPs to be flipping between blocking and unblocking sites over time, possibly in an attempt to create uncertainty or to make the censorship more subtle. Internet censorship in Iran is sophisticated because we found ISPs to be serving blockpages by means of DNS injection and through the use of HTTP transparent proxies. But another reason why it is sophisticated is because it is reinforced through the blocking of multiple censorship circumvention tools. We even found the Tor network to be blocked most of the time across most networks, but on a positive note, Tor bridges were partially accessible. Iranian ISPs also appear to be taking extra steps to reinforce internet censorship and limit circumvention. We found various online translators to be blocked. Pasting a URL into an online translator will provide access to the site's content, even if that site is blocked. Online translators can therefore provide a form of censorship circumvention, likely explaining why we found them to be blocked. Political relations appear to influence how information controls are implemented in Iran. This is strongly suggested by the fact that we found multiple Israeli and U.S. domains to be blocked. Israeli domains even appear to be blocked almost indiscriminately. US export laws and regulations, on the other hand, restrict the use of services in Iran, which is why we found Norton, Virus Total, and GraphicRiver to be inaccessible in the country. Internet censorship in Iran also appears to serve as a tool for the reinforcement of geopolitical dynamics of power. This is strongly suggested by the fact that we found multiple Kurdish sites to be blocked. Much more can be said about this study....but this email is already quite long. :) We encourage you to explore the data we published! Thanks for reading. ~ The OONI team. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

New OONI release: Test sites you care about!
by Maria Xynou 27 Sep '17

27 Sep '17

Hello Oonitarians, The OONI team is super excited to announce.... OONI Run! OONI Run is a new OONI Probe mobile app feature linked to this site: https://run.ooni.io/ Through this site, you can: * Engage your friends (and the world) with censorship measurement tests! * Monitor the blocking of your site (and other sites you care about) around the world! Heard of censorship events but would like to have data to verify them? Suspecting that censorship may occur leading up to or during political events? *Our solution to this is OONI Run.* We are excited about OONI Run because it can help build a *global community that monitors and responds to censorship events around the world.* Add sites to OONI Run, generate a link, and share it with your friends and with the world! If they have the OONI Probe mobile app already installed, it will automatically start running the tests (and testing the sites) of your choice! If they don't have OONI Probe installed, in will encourage them to first install the app (to then start running the tests). Has your site been censored by governments around the world (or do you suspect that that may happen)? Through OONI Run (https://run.ooni.io/) you can get OONI Probe widget code so that the global OONI Probe community can test your site! Learn more about OONI Run through our blog post: https://ooni.torproject.org/post/ooni-run/ https://blog.torproject.org/ooni-run-lets-fight-internet-censorship-together https://twitter.com/OpenObservatory/status/913063206855331845 Together, we can coordinate to fight internet censorship around the world. Happy testing! ~ The OONI team. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

Evidence of recent censorship events in Spain and China
by Maria Xynou 26 Sep '17

26 Sep '17

Hello Oonitarians, I am sending this email to share OONI data providing evidence of recent censorship events in Spain and China. *# Spain* As of yesterday, OONI Probe users in Spain started testing the blocking of sites associated to the upcoming Catalan Independence Referendum. The sites that were added for testing can be found here: https://github.com/citizenlab/test-lists/pull/222/files If you know of other sites that should be added to this testing list, please create a pull request or send them to me via email. As of today, we have started collecting network measurements which provide *evidence of the DNS blocking of sites related to the Catalan Referendum*. Below are some examples: https://explorer.ooni.torproject.org/measurement/20170925T094539Z_AS12479_Y… https://explorer.ooni.torproject.org/measurement/20170925T094539Z_AS12479_Y… To find more examples, please filter the measurements through the following page: https://explorer.ooni.torproject.org/country/ES You can filter the measurements through the following steps: 1. Click "Filter Results" in the Spanish OONI Explorer page: https://explorer.ooni.torproject.org/country/ES 2. Add a domain in the "Test Input" section that already exists in the Spanish test list: https://github.com/citizenlab/test-lists/blob/master/lists/es.csv (if it's not included in this list, then that URL hasn't been tested) 3. Click "Apply Filter". This will now present you with all the measurements pertaining to the domain that you selected. By clicking on each of those measurements, you will be able to find evidence of the blocking at the bottom of each "measurement page", by clicking on "object" (thus opening up the technical details). *# China* We *confirm that the blocking of WhatsApp in the AS9808 network in China started on 23rd September 2017. *Network measurements collected from that network over the last days show: WhatsApp blocked on 25th September 2017: https://explorer.ooni.torproject.org/measurement/20170925T150818Z_AS9808_Ub… WhatsApp blocked on 24th September 2017: https://explorer.ooni.torproject.org/measurement/20170924T032827Z_AS9808_VE… WhatsApp blocked on 23rd September 2017: https://explorer.ooni.torproject.org/measurement/20170923T190041Z_AS9808_KV… In contrast, WhatsApp was found to be accessible in that network on 22nd September 2017 (and during all the previous dates): https://explorer.ooni.torproject.org/measurement/20170922T161201Z_AS9808_Vv… This strongly suggests that this ISP started blocking WhatsApp on 23rd September 2017. It's worth highlighting that, as of yesterday, we see this ISP increasing the censorship of WhatsApp. During the previous dates (23rd & 24th September), they were only blocking TCP connections to WhatsApp's endpoints. But as of yesterday (25th September), they are *ALSO blocking access to WhatsApp's registration service* -- therefore enhancing the censorship of WhatsApp. It's also worth noting that these measurements have only been collected from one ISP (AS9808). Therefore, it remains unclear to us whether other ISPs in China are blocking access to WhatsApp as well, or whether the block is being implemented on a nation-wide level. The measurements that we collect depend on the OONI Probe users in China, and where they choose to run tests. You can filter the WhatsApp measurements collected from China through the following steps: 1. Access the China OONI Explorer page: https://explorer.ooni.torproject.org/country/CN 2. Click "Filter Results". 3. Select "WhatsApp" in the drop-down menu of "Test Name". 4. Click "Apply Filter". You will now be presented will all the OONI network measurements showing the testing of WhatsApp in China. By clicking on each individual measurement, you will be able to find more information by clicking "object" (uncovering technical details). We encourage you to use this data as part of policy and advocacy efforts, as well as for recommending censorship circumvention advice. All the best, Maria. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

Spanish government is censoring websites regarding Catalan referendum
by Pablo Castellano 25 Sep '17

25 Sep '17

Hi all, The Spanish government is blocking websites that contain information about the referendum that will happen in Catalonia next 1st October (along with other repressive measures) and is suing people that keeps publishing web mirrors. Note that the .cat domains seem to be seized (last week Police raided the offices of the .cat domain registry, seized some computers and arrested their head IT) while other TLDs are just DNS hijacked by the Spanish Internet providers. I've made a pull request to include some of these urls in the list of domains checked by OONI. You can read more about it in the following links: - https://github.com/citizenlab/test-lists/issues/221 - https://www.eff.org/deeplinks/2017/09/cat-domain-casualty-catalonian-indepe… - https://medium.com/@josepot/is-sensitive-voter-data-being-exposed-by-the-ca… Thanks for your work! Pablo

1 0

New report on internet censorship in Cuba
by Maria Xynou 28 Aug '17

28 Aug '17

Hello, Today the Open Observatory of Network Interference (OONI) project published a new report, titled: "*Measuring Internet Censorship in Cuba's ParkNets*" You can read the report here: https://ooni.torproject.org/post/cuba-internet-censorship-2017/ https://twitter.com/OpenObservatory/status/902229490495053824 Last May we traveled to Cuba and performed a variety of network measurement tests across eight vantage points in Havana, Santa Clara, and Santiago de Cuba, with the aim of measuring internet censorship. As part of our study, we were able to confirm the *blocking of 41 websites*. Many of these sites include news outlets and blogs, as well as pro-democracy and human rights sites. Many of the blocked sites, directly or indirectly, express criticism towards the Cuban government. Interestingly enough though, various other international sites which also express criticism were found to be accessible. Web proxies, like Anonymouse, were amongst those found to be blocked, potentially limiting Cubans' ability to circumvent censorship. The Tor network though was found to be accessible across the country, likely because Cuba has relatively few Tor users. *Deep Packet Inspection (DPI) technology was found to be resetting connections and serving (blank) block pages.* Through latency measurements, we were able to confirm that the blocking server is most likely located in Havana (and in any case, for sure in Cuba). Only the HTTP version of sites was found to be blocked, potentially enabling users to circumvent the censorship by merely accessing them over HTTPS. Most blocked sites, however, do not support HTTPS. *Skype was found to be blocked. *By examining packet traces, we were able to determine that the DPI middlebox blocked Skype by means of RST injection. Other popular communications tools, such as WhatsApp and Facebook Messenger, were found to be accessible. *Chinese vendor Huawei was also found to be supporting Cuba's internet infrastructure.* The server header of blocked sites, for example, pointed to Huawei equipent. It remains unclear though whether they are actually implementing internet censorship in the country. Lastly, we accidentally discovered that *Google is blocking Google App Engine from Cuba (when trying to run NDT).* Overall, internet censorship does not appear to be particularly sophisticated in Cuba. The high cost of the internet and the limited availability of public wifi hotspots across the country remain the main barriers to accessing the internet. But as Cuba's internet landscape evolves, so might techniques and practices around internet censorship. Therefore, we think it's important to continue to measure networks with ooniprobe in Cuba and elsewhere around the world. Thanks for reading our latest report - happy to address any questions you may have! ~ The OONI team. -- Maria Xynou Research and Partnerships Coordinator Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0