Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Encryption Government Privacy Security Your Rights Online Politics

The Activists Who Bring Security To the Oppressed 33

Posted by samzenpus
from the fighting-the-good-fight dept.
msm1267 writes "Tibetans inside China or in exile, along with Syrians, Iranians and other groups oppressed by autocratic regimes, rely on technology to communicate and organize protests. Yet state-sponsored attackers have infiltrated the devices and platforms used by the oppressed to put their freedom or lives in danger. Groups such as Tibet in Action or Citizen Lab Munk School of Global Affairs have put together resources to help educate and enhance the security of oppressed people."
This discussion has been archived. No new comments can be posted.

The Activists Who Bring Security To the Oppressed

Comments Filter:
  • The lesson here... (Score:5, Insightful)

    by rmdingler (1955220) on Thursday April 04, 2013 @07:15AM (#43356281)
    If you have a Smartphone with you can be tracked. If you have a Smartphone and enemies in high places, you will be tracked. Ironically, the cell phone is both a lifeline and a leash.
    • If you have a Smartphone with you can be tracked. If you have a Smartphone and enemies in high places, you will be tracked. Ironically, the cell phone is both a lifeline and a leash.

      If you have a Smartphone with you can be tracked. If you have a Smartphone and enemies in high places, you will be tracked. Ironically, the cell phone is both a lifeline and a leash.

      If you have a Smartphone with you can be tracked.

      I thought any kind of cellphone was vulnerable to being tracked while connected to a cellular network.

      • Whoops massive quote fail. Please dont hit me.
      • by fuzzyfuzzyfungus (1223518) on Thursday April 04, 2013 @08:13AM (#43356589) Journal

        All cellphones are vulnerable to being tracked by parties with physical jurisdiction(your telco, for technical and billing reasons, in addition to any sinister motives/data mining/compliance with The Feds, other telcos with towers using sufficiently similar spectrum(unless they are supplying you with service as part of some roaming agreement you'd be less interesting, one presumes; but they could hear you if they wanted to), The Feds(whatever exactly they are doing with those 'Stingrays' that is so impeccably legal that they don't want to talk about it, at all...)), and all, or overwhelmingly close to all, cell modems are little black boxes whose behavior is largely invisible, so they are suspect on that count as well(yes, even on phones with 'Open Source Firmware', this just means that the cell modem is a black box that communicates with the OS in a polite and well-understood manner, generally one amusingly similar to an AT modem on a serial line, albeit with a bunch of command set extensions).

        Smartphones however(and 'featurephones' complex enough to basically be smartphones with shitty 3rd party support) have the disadvantage of running enough fancy software, generally along with an internet connection, that an attacker without physical jurisdiction may well be able to pull off an attack purely in software by planting malware at the OS level. In addition to getting more interesting data than just rough location and calls made/received, this means that Country A can(with minimal risks of repercussions) bug a citizen of Country B.

        That's the reason why smartphones, in particular, along with computers and webmail accounts and other network-vulnerable services, tend to be of concern to Tibet activists and other groups that rely substantially on expat populations for coordination/PR/etc.

        It's no secret that Ma Bell will be happy to tell Uncle Sam all about you if your phone is inside the US; but it is much less likely that either party would cooperate with Chinese authorities who are looking to crack down on Tibetans or Ugurs or whoever it is these days. Software attacks, though, will work just fine.

    • by arielCo (995647)

      If you have a *phone* you are, by definition, being tracked. Y'know, the phone has to register with the base station. In a city, cell radius goes down to maybe 25 m.

  • Tracking ID (Score:5, Insightful)

    by Wowsers (1151731) on Thursday April 04, 2013 @07:21AM (#43356305) Journal

    If you thought the Intel Pentium that displayed a users processor ID was bad, then you wait until the "Trusted Computing" platform is fully implemented on motherboards. Already manufacturers are colluding to make it very hard to find a modern (as in has USB3) motherboard without the TC garbage. Then there's Microsoft trying to lock down every desktop and laptop with "secure boot", to cripple Microsoft's "free" competition (still no squeels from the EU on that).

    I hate mobile phones being locked down installing who knows what transmitting who knows what, now the manufacturers are trying to control the pc market too, makes it easier to track people.

    • by arielCo (995647)

      If you thought the Intel Pentium that displayed a users processor ID was bad, then you wait until the "Trusted Computing" platform is fully implemented on motherboards. Already manufacturers are colluding to make it very hard to find a modern (as in has USB3) motherboard without the TC garbage. Then there's Microsoft trying to lock down every desktop and laptop with "secure boot", to cripple Microsoft's "free" competition (still no squeels from the EU on that).

      What makes you think that the bad guys rely on something they announced like Trusted Computer? They could have implemented it in every chipset since ever and just not tell you.

      I hate mobile phones being locked down installing who knows what transmitting who knows what, now the manufacturers are trying to control the pc market too, makes it easier to track people.

      Newsflash: ANY mobile phone is, by definition, tracked. When you turn it on and every time you switch towers (which is every 50 meters or less in a city), the telco *has* to know your new location so you can get that call with the latest intel from your fellow fighters.

    • The processor ID doesn't matter that much, because PCs are already swimming in unique identifiers. BIOS/motherboard serial, hard drive serial, MAC address, optical drive serial, memory module serials... if you've got software running on the target already, you can easily enough gain access to all of those. A processor ID doesn't enable any new attacks.

  • by fustakrakich (1673220) on Thursday April 04, 2013 @07:45AM (#43356405) Journal

    All these evil countries have 'activists' in jail. But the Americans? All of their prisoners are criminals..

    The article is right about one thing, most of the attackers are state (and I would add corporate)-sponsored...

    Another fine piece of propaganda there...

    • by poity (465672)

      Your naivete presumptions are easy to dismiss with a simple 5 minute task:

      Look at what happens to ACLU lawyers in USA
      Look at what happens to civil rights lawyers in China

      • Differences of a degree, nothing more, and does nothing to diminish the plight of political prisoners in the US. But all that is easy to dismiss because their attorneys aren't in jail also? The US still has a much higher number, percentage and in absolute terms, in its prisons. Who's being naive?

  • Hey!

    it's another one of those stories... where its only news because it happened on the internet

  • It is ridiculous. We pinpoint Iran (we want their oil), Syria (because to their affiliation with Iran), China (it is always good to maintain the heat on your economic rivals).

    What about Saudi Arabia? It is the only country that women cannot drive a car, cannot walk the streets without a male chaperone who is a relative, no elections, and so on. But Saudi Arabia is our ally in the oil business, so we simply bypass these inconvinient truths.

    If Saudi Arabia is not on the shit list, then these attempts are our

  • by nimbius (983462) on Thursday April 04, 2013 @08:51AM (#43356887) Homepage
    we tacitly support chinese oppression through our international trade agreements, installed the ruling dictator in syria largely as part of the carter doctrine, and wag our fingers at Iran because of their drive to become a regional superpower that eschews american influence. the author categorically ignores all this and in the second paragraph whines about the intolerable restrictions on foreign nationals as they pertain to app stores for their smartphones.
    strangely enough, theres also a pile of sympathy in the third paragraph for NGO's. at no point does the author acknowledge that an NGO's sole purpose in american history has always been to further western influence. NGO's are charged with things like the privatization of water and fragmentation of local health services in africa as well. They exist, funded by a foreign government in part, to engage in sidechannel diplomacy that often as in the case of oxfam and the liberty institute results in protests and revolution. foreign governments do quite well to limit or refuse them, Yet in the article the authors tunnel vision completely avoids CAIR, an NGO based in america, is routinely demonized and raided by american law enforcement.
  • All this hype about freedom is beginning to wear thin, I feel. I mean, I am as keen on people enjoying personal freedom as any, but like all other good things, it has been snatched up by those least worthy and turned into a prostitute concept, that means "whatever lines my pocket". In short, I find it helpful - nay mandatory - to maintain a healthy amount of skepticism when people envelop their message in "freedom".

    Remember, one man's freedom fighter is another man's terrorist; and there is no such thing as

"In the face of entropy and nothingness, you kind of have to pretend it's not there if you want to keep writing good code." -- Karl Lehenbauer

Working...