Monday, 21 July 2014

Anonymous Re-Enters Israel-Palestine Fray in Support of Palestine

Related to our previous post, hacker group Anonymous claimed to have taken down thousands of Israeli websites between July 11 and July 17 in support of the Palestinians, according to the International Business Times.  Today, Businessweek reports the group has claimed responsibility for hacking a top Kenyan military Twitter account, where they "called for retribution over the war in Gaza, Kenyan politicians to stand down and an end to tribalism."

These attacks follow others against Israel by Anonymous in the recent past, including cyber attacks conducted in April in which the group urged allies "to hack, deface, hijack, database leak, admin takeover and DNS terminate the Israeli cyberspace by any means necessary.”

To read more about Anonymous's involvement, you can follow their website.

Cyber Warfare Underpinning Recent Gaza Strip Conflict

If there's one easy thing for people to understand about cybersecurity and cyber warfare, it's that there is a usually a strong presence of cyber attacks when there are threats of or actions of more traditional warfare.  While cyber warfare produces tangible technological, organizational, and economic damages, it can also be used as a form a psychological warfare.

A recent example comes out of escalated tensions in the Gaza Strip, where Hamas has used technology in service of their objective aims and Israelis have responded defensively.  Bloomberg reports that cyber attacks related to escalated tensions in the Gaza Strip have risen tenfold in the last few weeks.

Bloomberg reported about a recent attack involving a popular international pizza company:
During the time hackers controlled the Domino’s Facebook page, status updates included a threat to “strike deep inside Israel.” After Domino’s regained control, it posted an image of a masked man wearing a headband in Hamas’s signature green color, with the caption, “You can’t defeat the Israeli hunger for pizza!”

Israeli hackers didn’t stand idly by. They left some Hamas websites disabled for hours and others displaying content maligning the Islamist group and its leaders. 
An Israeli response to Hamas attack on the Domino's Facebook page translates as "“You can’t defeat the Israeli hunger for pizza!" according to Bloomberg.
 Some in Israel suggest that Hamas is also slowing internet service in addition to internet hacking and defacement like that which is being attributed to them in accounts like the above.  In forging a response, Israel cannot simply shut down access since their opposition generally do not use Israeli internet access to begin with.  Some analysis suggest attacks against Israel are being conducted by sympathizers abroad, which would make restricting internet access less effective in response.

The Israeli Internet Association's Dina Beer characterized the activity in the following way: “The attacks aren’t sophisticated; they just give the feeling that someone else is in control... It’s terrorism, designed mostly to frighten: ‘See, we can control your sites and do things you don’t want us to do.’ And it works.”

For more about these recent cyber developments underpinning the ground and air game in the Gaza Strip, head over the Bloomberg.

Friday, 11 July 2014

Be the First to Use SumRando Messenger!

You send texts and other private message because what you're sharing with someone shouldn't concern anyone else.  If you wanted to share your thoughts with the world at large, you could post a Facebook status or tweet your thoughts for the public to read.  Unfortunately, your private messages can be vulnerable to others' interference without a secure messenger service.

Our new secure SumRando Messenger (Beta) is here to solve that problem.  SumRando Messenger (Beta) is a secure, real-time chat app that encrypts your digital messaging from your mobile device. With SumRando Messenger (Beta) you can chat freely with your friends without worry of your ISP, phone provider or government reading along ultimately freeing you from data misuse.

We recognize how omnipresent text-based messaging is users, and we have built a new app to help protect the information that was intended to be and remain private.  Your email and text invitations to your contacts stay between you and them.  SumRando Messenger does not interfere in this communication. 

SumRando Messenger is the Premiere Encrypted Messenger App

With our messenger app, all your messages and saved friend lists are encrypted, unlike other popular messaging apps.  No messages travel from phone to phone; they move through a secure SSL (Secure Sockets Layer) connection to our servers, where they're encrypted. The messages are then sent to the destination phone using Google's Cloud Messaging Service.  No one can see to whom you are sending data, not even Google, because of its encryption through our SumRando servers.  

SumRando Messenger (Beta) Features:
  • Standard texting features - text with your friends in real-time
  • Two forms of encryption (AES-256 and SSL) to keep your messages secure
  • No direct link between your phone number, device email address, or other identifying account; the decision on who you want to communicate with is strictly yours
  • The ability to invite others to secure conversations with you using SumRando Messenger (Beta) through email or SMS
  • Messages automatically deleted upon logout with only 10 messages stored (if you do not clear you conversation) stored for future conversational reference.

Getting Started with Sumrando Messenger (Beta) is Easy. 
  1. Click here to download the app. (Check out our SumRando Messenger FAQ with any questions.)
  2. Log in to your SumRando account or start an account, if you were not previously a member.  You and your contacts communicate through SumRando, which means you do not have to share your email address or phone number with anyone you're messaging.
  3. Invite your friends to download SumRando Messenger.
  4. Test out the app with your friends (still currently in beta.  
  5. Tell us what you think!

Tuesday, 8 July 2014

In the UK, Renewed Interest in a "Snooper's Charter"

The Guardian reports that the UK government is considering measures requiring phone companies retain detailed records about phone calls, text messages, and internet activity in response to new threats to national security.  This latest effort follows a failed attempt at similar legislation last year (dubbed the "snooper's charter" by opponents), when the Labour Party and Liberal Democrats banded with outside groups to defeat the efforts. UK Home Secretary Theresa May, a chief proponent of the law last year, insists that these measures are essential in the face of new threats by groups like al-Qaeda and ISIS.

The Guardian reports on the details of the proposed legislation, which is expected to pass:
"Any new 'snooper's charter' bill would require a vast extension of the communications data that the phone and internet companies are currently required to retain. It would mean the retention of all data tracking everyone's use of the internet and mobile phones, including every web page visited, and not just the bare details kept for billing purposes by the companies."
The UK government has launched an effort to generate support for the emergency measures, emphasizing the harm the government is seeking to prevent.  The UK Home Office shared their official stance on the matter with The Guardian, saying, "The retention of communications data is absolutely fundamental to ensure law enforcement have the powers they need to investigate crime, protect the public and ensure national security."

The government feels especially pressured to act given that, in April, the European court of justice (ECJ) ruled against surveillience programs put into effect in 2009, saying that it was "too sweeping."  The Guardian reports, "The government appears to have secured support from Labour and the Lib Dems to reinstate the surveillance laws after the ECJ struck them down. But the Lib Dems are insisting that the plan will not amount to the reintroduction of the so-called 'snooper's charter' – the communications data bill – that split the coalition and was ditched in 2013."

Essentially, the government is pushing for efforts less invasive than those implemented in the past and those proposed last year.  While the details that distinguish this plan from the others are important in evaluating the plans, there seems to be concerning support for programs premised on the idea that greater surveillance amounts to greater security.  Where exactly is that "line in the sand" previous "snooper's charter" opponents drew as it relates to this latest effort?  What about shorter timeframes of record-keeping really makes this acceptable?

Read more about the UK government's latest effort at The Guardian.

Thursday, 3 July 2014

Leaks in the Dam: Iraqis Skirting Internet Blockages with FireChat

Creators of US-based messaging app FireChat report they have seen an increase of over 40,000 downloads in Iraq in June, when the Iraq government blocked access to internet to slow militant group ISIL (also referred to as "ISIS").  The app uses chatrooms to share messages in areas with poor internet coverage (e.g., airplane and underground train operators) building upon phone-to-phone connectivity. 
Given the increase in Iraq-based users, almost a tenth of the app's active chat rooms are facilitated by users in Iraq. 

Financial Times describes the app's technology as well-suited for a situation like that in Iraq.
"FireChat, developed by start-up Open Garden, allows access to messaging where getting on the internet is difficult, most prominently where governments are trying to control dissent by forcing people offline. 

"The app features 'mesh networking' technology that uses Bluetooth to send messages from smartphone to smartphone, leapfrogging over other FireChat users’ phones to extend the distances that chats can travel. If one user is connected to the internet, everyone in the vicinity can also use that connection to browse.
Internet users in Iraq are using other means to access the internet in addition to FireChat, including social media networks targeted with the blockage, which continues a trend of users seeking refuge in services that circumvent government-sanctioned internet blockages.  Apps like FireChat and services like SumRando help users in these situations access the internet services they need and without detection.  In times like these, users recognize the value of having safe, accessible products to rely on when the government overrides their freedom to browse the internet freely.

To read more about the blockage, check out our blog on the topic.  To read more about FireChat's uptick in Iraq membership, head to Financial Times.

Sunday, 22 June 2014

The Jammer Coat: High Fashion meets Wearable Technology & Privacy

You might not think the SumRando blog would be the ultimate source about high fashion.  For the most part, you would be right.  We wanted to share an interesting story about a concept related to wearable technology.  It's no secret that people are betting that a boom of wearable technology such as Google Glass is inevitable.  Wired Magazine recently did a cover story on the topic, and there are hosts of new startups looking to revolutionize technology on your body.

A new concept out of Vienna suggests wearable technology might start to be reflecting the diversity of potential consumers as it relates to privacy.  Just as some prefer slacks to jeans, wearable technology fashion could accommodate those who want to be more connected to others and those who want to remain undetectable.

Vienna-based Coop Himmelblau's Jammer Coat
Fast Company reports on a new "invisibility cloak for the digital age" out of Vienna.  They share, "Vienna-based architectural design firm Coop Himmelblau has come up with a CHBL Jammer Coat that lets you disappear, sort of. Unlike wearable tech like Google Glass, meant to better connect you to the world, the Jammer Coat makes you utterly untrackable."

Coop Himmelblau describes their Jammer Coat concept with the following:
"The CHBL Jammer Coat is a piece of clothing that enables its user to disappear: Google cannot find you anymore. The piece is made of metallized fabrics, which are blocking radio waves and shielding the wearer against tracking devices. You are no longer reachable on your mobile phone and no information from your credit card can be captured. The Wave Circle pattern of the fabric gives an illusion of strange multiple body parts, which hides and frees the individual physicality."
The Jammer Coat highlights an interesting parallel between transportable technology and wearable technology: The spectrum of privacy needs/desires and people's action's to carry out those desires.  Fashion in many ways acts as an interesting metaphor for people's preferences when it comes to the internet.  Certain services and routines are trendy ("fashionable"), which is why users will often go to great lengths -- or be willing to sacrifice a great deal -- in order to remain in step with the latest service.  Others are more selective about what technology they trust and use, amassing a set of tools and apps that seem attractive to like-minded people.
The Jammer Coat would shroud your devices from detection.

Jammer Coat is important because of the impending growth in wearable technology.  Just as good art and design should, Jammer Coat pushes us to examine or re-examine our contexts and the ways in which we view the world.  This piece might suggest to some that those of us concerned about privacy advocate for more Jammer Coats (though more colorful and more flattering) at the advent of widespread consumption of wearable technology.

What if by doing so we suggest a lack of privacy options is a wearable technology fashion faux pas?  The fear of your data being exposed is as real as the fear you've mismatched your outfit at work -- or, more fittingly -- left a zipper open.  Unfortunately, there are millions of "zippers down" today and too little messaging that leaving one's zipper down is not just a faux pas but a potentially destructive and dangerous mistake.

Saturday, 21 June 2014

Is Iraq Gov’t Wrong to Block Access to Internet Amid Turmoil?

Mashable reports that the Iraq Ministry of Communications is actively blocking access to social media sites as militant groups like ISIL are using these sites to organize themselves.  Users have reported service blockages and the emergence of malware-infected VPNs advertised as ways to circumvent the government’s internet blockage.

The Ministry’s actions highlight a key question related to internet freedom: Does your stance change when the shoe is on the other foot?  In any situation where the government limits access to the internet, we could be universally opposed to any such action in that all people, regardless of their political affiliation or agenda, should have access to the internet in order to communicate and organize.  Supporting internet freedom universally is to adopt a “come what may” mentality about its potential.  It’s even easier if we do not believe those targeted are inherently bad actors or we believe the reason behind the action is flawed.

With Iraq, where the government seems to be directly censoring a potentially dangerous group (and indirectly censoring the larger public), our universal convictions might be called into question.   Mine are.  I recognize that once we start to support the suppression of certain groups’ ability to use the internet, quickly we become submerged in ethical quicksand.  I find myself fighting against the pull of that quicksand when it comes to a militant/terrorist groups like those the Iraqi government seems to be targeting with their blockage.

Where I felt the Turkish Prime Minister Tayyip Erdogan acted far beyond his authority and arrogantly suppressed the voices of his dissenters this spring (and previously), I wonder now not if the Iraqi government’s actions had sufficient cause but rather if their actions in blocking the internet were the most effective means to stymie dangerous forces.  As someone deeply committed to open access, I feel somewhat unsettled to even entertain supporting a government for limiting access to the internet at all, even for security.

Erdogan’s supporters should rightfully push back on my logic since I’m exhibiting less than universal support for internet freedom or, as I’m thinking of it, an appetite for certain exceptions.  Admittedly, this appetite for exceptions is linked to security.  Erdogan would likely claim, even emphatically, his actions were in the name of security, meant to protect the Turkish people against the harm the internet and social media in particular can bring to the masses.  Unlike Erdogan’s crusade, which rallied against social media’s internet danger separate from specific actors, the Iraqi government’s decision to limit access to militant groups promoting propaganda (while still not clearly the most effective means to achieve this result) is different.  Where Erdogan’s actions were ideological, it’s possible the Iraqi government’s are far more situational.

Regardless of how we feel about targeted action taken by the Iraqi government, we must also recognize the larger implications of such action.  Just as the government is limiting this group’s ability to communicate and organize, they are limiting that of millions of other people.  The emergence of potentially compromised/unsafe VPNs and other circumventing tools are putting many at risk, at the hands of those the government initially targeted or other malicious actors and groups.  This is why I question whether the government’s actions were the most reasonable and effective to achieve their desired goals.

AP — Sadr City, Baghdad, June 21, 2014

What do you all think?

Should a government ever take actions like these, and under which circumstances?  Given what we know about the current situation in Iraq, did the Ministry of Communications make the right move?