Some days ago the Iranian government has ramped up censorship in three ways: deep packet inspection (dpi) of SSL traffic, selective blocking of IP Address and TCP port combinations, and some keyword filtering. The blocks on SSL are not complete and not nationwide. It seems, only the central AS12880 is blocking SSL encrypted traffic.

May be, the shutdown is related to the 33rd anniversary of the Islamic Revolution, which is being celebrated by the government but has spurred protests in years past. In this case it may be possible the new censorship will be nullified in a few days (?)

We got some user reports from Iran about the results of the new censorship. SSL encrypted traffic and HTTPS to GMail, Yahoo! and other services with SSL/TLS encrypted login is imposible. For anonymisation services the situation is unequal.

• JonDonym is not shortened by the new censorship limits. The connection wizard of JonDo is able to detect this kind of blocking and circumvent automatically. Our anti-censorship forwarders are working well, if connections to mix cascades and infoservices were blocked by IP addresses. Time by time the connections slow down.
• Tor is not able to break the limits at the moment. The Tor metrics project shows a significant decrease of connections from Iran (direct connections and bridged connections):
  
  
  In a short time Torproject.org will release new bridges with obfuscated encryption to circumvent SSL blocking.
• VPNs with SSL encryption (like Ultrasurf and others) are blocked too. Allmost all VPN providers does not have any idea how to circumvent this kind of blocking.

Please, support our work by using JonDonym premium services. The earnings are important for further development and for the people in censorship countries.

Update: (2012-02-15) It seems, the new censorship was nullified after 2-3 days. Tor is working well in Iran.

The FBI and the Department of Justice produced and distributed a set of 25 flyers to promote suspicious terrorist activity reporting. The flyers are not released publicly. The collection was compiled by the project Public Intelligence from a number of sources. It covers the information flyers for Airport Service Providers, Financial Institutions, Hotels/Motels, Internet Cafes, Shopping Malls .... Tattoo Shops.

Many of the suspicious activities described in the flyers are basic practices of any individual concerned with security or privacy online. The use of PGP, anonymisation services or any of the many other technologies for anonymity and privacy online are directly targeted by the flyer.

"Potential Indicators of Terrorist Activities" may be:

• use of anonymisation services (like JonDonym, Tor or VPN)
• use of encryption technique (like PGP, OTR or ZPHONE)
• use of anonymous payment methodes

Flyer_Internet_Cafe (PDF)

MAXA Key Exchanger offers an easy way to exchange a secure key over unsecure connections like email or instant messaging. It uses Diffie-Hellman key exchange that allows two parties that do not know each other to jointly establish a shared, secret key for symmetric encryption.

Download: MAXA Key Exchanger (for WINDOWS Vista and newer)

MAXA Research Int'l Inc. is a cooperation partner of JonDos GmbH.

JonDonym is blocked in Iran. The censorships starts 3 weeks ago. Connections to mix cascades and infoservices are blocked by IP addresses black list. Additional it seems deep packet inspection is used to slow down encrypted connections to anti censorship proxy and anti censorship forwarders. But both anti censorship technologies are working and it is possible to avois the blocking of JonDonym.

During Chaos Communication Congress in Berlin J. Appelbaum and R. Dingledine presented an analysis about blocking technologies of some gouvernments against Tor: How governments have tried to block Tor. Because we don't have cooperation partners in Iran we will study the analysis of TorProject.org for development of more sophisticated anti-censorship technologies to get back the full speed of JonDonym services in Iran.

Update: We added tutorials to circumvent blocking of JonDonym to our online help. At first try to use a proxy. If it did not work, you may use the anti censorship forwarder of JonDo.

ANONdroid is a JonDonym proxy client for Andoid smartphones. This nice piece of software is under ongoing development by the AN.ON project of the university Dresden. Project leader is Dr. Stefan Köpsell. ANONdroid uses the core libraries of JonDo with a smartphone compatible GUI. ANONdroid acts as a proxy for your internet applications and will forward the traffic of your internet applications encrypted to the mix cascades. It is still under development, but a first version is ready for download from the Andoid market.

At the moment we can not provide a secure and anonymous browser configuration like JonDoFox for desktops and netbooks. Because a secure browser configuration is important for anonymous surfing we recommend the use of Orweb browser. It is a browser for Orbot, but can be used with ANONdroid too. After installation you have to change the proxy settings of Orweb to localhost:4001.

If you would like to use our premium servces you can buy a JonDonym coupon in our webshop and create a premium account. The earnings are essential for the development of JonDonym.

Hint: You may use ANONdroid for anonymous surfing, chats and e-mail. But it can NOT protect you for data collections by your provider with tools like Carrier IQ or location tracking by gouvernments agencies.

SOPA and its counterpart in the US-Senate, PROTECT IP would he government to obtain blocking orders without an adversary proceeding against Web sites with copyright infringements. The order may target internet access providers, search engines, DNS providers, advertisers and others. SOPA will address non-US providers too.

In addition, SOPA allowing injunctions against tools that could be used to circumvent the blocking orders. At first Firefox add-ons like MAFIAAFire, ThePirateBay Dancing or DeSOPA became illegal. The U.S. Department of Homeland Security has already tried to remove MAFIAAFire from the Web (unsuccessfully so far).

But the anti-circumvention part of SOPA is not limited to Firefox add-ons. It targets anyone who:

knowingly and willfully provides or offers to provide a product or service designed or marketed by such entity...for the circumvention or bypassing of a Justice Department-erected blockade.

With this law the using of JonDonym and marketing for JonDonym may became illegal. But not only JonDonym is affected by this law. VPNs can also "bypass" a SOPA-established blockade and TorProject.org, which is funded in part by multiple federal US-agencies, is promoted for circumvent internet censorship too. Because Tor is widely used by US intelligence services and military it doesn't be a target for injunctions. But the law is not clear. It depends on the US government to use the law to prohibit a service or not.

More information about SOPA were published by EFF.org

More and more of India's 1.2 billion people come online. 300 million new users are expected for the next three years.

The Indian government instituted incredibly restrictive rules for taking down "disparaging"e; content this year. Now the government is going the way of China, Iran, Cuba, Burma, and Thailand and asked Social Media companies like Facebook, Google, Yahoo and others to proactively pre-screen user-generated content and remove it before it gets published. This is the ultimate form of censorship.

Currently, executives from companies like Google and Facebook are discussing this proposal with the Indian government.

ACCESS NOW lauched a campaign for free speech in India: Take Down Censorship, not Speech. (Please support)

Am 1. Dezember 2011 hat der Deutsche Bundestag das Gesetz zur Optimierung der Geldwäsche beschlossen. Entgegen dem ursprünglichen Entwurf wurde die Möglichkiet anonymer Bezahlungen im Internet mittels Prepaidkarten nicht vollständig abgeschafft sondern nur eingeschränkt. Prepaidkarten bis zu 100 Euro können weiterhin ohne Regisztrierung erworben werden.

Der Bundesdatenschutzbeautragte P. Schaar kommentiert die Verabschiedung des Gesetzes u.a. mit folgenden Worten:

"So begrüßenswert es ist, dass der anonyme Erwerb von E-Geld damit nicht generell abgeschafft wird, so kritisch sehe ich die nach wie vor bestehende Tendenz, individuelles Handeln in immer stärkerem Maße zu registrieren.....

Die Diskussion über Identifikationspflichten – vor allem bei der Inanspruchnahme des Internets – ist damit aber sicherlich noch nicht beendet."

Eine Möglichkeit, Beträge über 100 Euro ohne Registrierung anonym im Internet zu bezahlen, bietet weiterhin die digitale Peer-2-Peer Währung Bitcoin. Nach Einschätzung von M. Behrens (Mixbetreiber bei JonDonym und Jurist) ist Bitcoin nicht als E-Geld anzusehen und damit nicht von dem Gesetz betroffen. Die JonDos GmbH akzeptiert Bitcoin als Zahlungsmittel bei Kauf eines Premium Coupon Code im Webshop.

The Canadian government is trying to push through a set of electronic surveillance laws. As last drafted, the bills represent a dangerous attempt to leverage online service providers as agents of state surveillance. They include new police powers that would allow Canadian authorities easy access to Canadians’ online activities, including the power to force ISPs to hand over private customer data without a warrant, and pave the way to gag orders that would prevent online service providers from notifying subscribers that their private data has been disclosed.

Civil society groups have firmly denounced these spy bills. The Stop Online Spying campaign now has over 75,000 signatures (please support).

The dangers of these measures should not be underestimated. (by EFF.org)

The ISS World is a non-public conference for surveillance technology. It is taking place continuous year by year in Dubai, Prag, Washington DC, Kuala Lumpur und Brasilia. Participants are only surveillance technology companies, gouverments, law enforcement agencies or investigative agencies. It is very difficult to get any information about the events.

The Wall Street Journal got 200+ documents from the last conference in Washington DC: The Surveillance Catalog - Where governments get their tools. Additional an introduction is online at: Document Trove Exposes Surveillance Methods.

You may find hacking tools to to break into people's computers and cellphones, deep packet inspection tools, data retention tools and massive intercept gear that can gather all Internet communications in a country.

We will read the documents carefully to draw a conclusions for futher development of JonDonym and we invite interested people to discuss the documents in our forum.

Prepaidkarten wie Paysafecard oder UKash bieten im Internet eine dem Bargeld vergleichbare Anonymität beim Bezahlen von Waren und Dienstleistungen. Als Anwender kauft man in einer der vielen Verkaufstellen (Tankstellen, Kioske, Handelsketten wie Lidl usw.) an der Kasse einen Gutscheincode. Die Webseiten von Paysafecard und UKash beiten eine Umkreissuche, um die nächstgelegene Verkaufsstelle zu finden. In Städten sind meist mehrere Verkaufstellen für Prepaidkarten fußläufig erreichbar. Mit diesem Gutscheincode kann man bei verschiedenen Anbietern im Internet Dienstleistungen und Waren anonym bezahlen. JonDos akzeptiert Paysafecard als Zahlungsmittel.

Prepaidkarten bieten eine hohe Sicherheit und sind ein datenschutzfreundliches Zahlungsmittel. Es schützt vor Identitätsdiebstahl und Betrug mit Kreditkarten- oder Bankdaten, die Hacker bei einem Einbruch erbeuten und Kriminellen zur Verfügung stellen könnten. Die Förderung und Verbreitung der Nutzung liegt im Interesse der Internet-Ökonomie (sowohl für Anbieter als auch für Käufer) und sollte das Ziel der Regierung sein.

Bald vor dem Aus?

Die Bundesregierung hat einen Gesetzentwurf zur "Optimierung der Geldwäsche­prävention" (Bundestag Drucksache 17/6804) vorgelegt, der zur Zeit im Bundestag beraten wird. Dieser Gesetzentwurf sieht die Abschaffung der Anonymität für Prepaidkarten vor. Zukünfzig sollen sich Nutzer beim Kauf von Gutscheinen auch bei Kleinstbeträgen mit einem Ausweis identifizieren. Die Verkäufer der Vouches sollen die Daten 5 Jahre lang aufbewahren müssen.

Eine plausible Begründung für diesen Schritt kann die Bundesregierung nicht liefern. Laut Jahresbericht der Finanz­aufklärungs­einheit des BKA von 2010 wurden nur bei 94 von insgesamt 14.000 Verdachtsfällen auf Geldwäsche ein internetbasiertes Zahlungs­system genutzt (0,67% der Fälle).

Nach Ansicht von Paysafecard-Geschäftsführer Udo Müller wären ein Verabschiedung des Gesetzes in der aktuell diskutierten Form das AUS für die Vertriebs­struktur von Paysafecad. 95% der Partner wie Tankstellen, Geschäfte usw. würden unter diesen Bedingungen den Verkauf von Paysafecard Gutscheinen und UKash Vouches einstellen. Eine 5-jährige (sichere) Speicherung der Identitäten aller Käufer können die Verkaufstellen nicht leisten.

Anonymes elektronisches Bezahlen muss möglich bleiben

In seiner Stellungnahme zu Gesetzentwurf schreibt Bundesdatenschutzbeauftragter Peter Schaar:

"Ich appelliere an den Gesetzgeber, den überzogenen Ansatz der neuen Vorschläge entsprechend zu korrigieren."

Die 82. Konferenz der Datenschutzbeauftragten Ende September 2011 verfasste zu diesem Gesetz eine Stellungnahme Anonymes elektronisches Bezahlen muss möglich bleiben:

"Nach den vorgesehenen Regelungen würden noch mehr personenbezogene Daten unbescholtener Bürgerinnen und Bürger erfasst und ganz überwiegend anlasslos gespeichert. Dies steht in Widerspruch zur Rechtsprechung des Bundesverfassungsgerichts."

Der AK Vorrat fordert die Volksvertreter in einem offenen Brief dazu auf, das Vorhaben zu stoppen.

"Wir appellieren deshalb an Sie, jeder verdachtsunabhängigen Erfassung der Nutzer von E-Geld entschieden entgegen zu treten. Dienstleistungen im Internet müssen ebenso anonym und geschützt bezahlt werden können wie vergleichbare Leistungen außerhalb des Internets."

Aufruf zum Handeln

Wir möchten alle Leser bitten, die Kampagne des AK Vorrat zu unterstützen und gleichfalls ihre Abgeordneten im Bundestag zu kontaktieren. Kontaktadressen für ihre Abgeordneten stellt die Webseite des Bundestages zur Verfügung.

The FBI ramps up the Next Generation Identification (NGI) and will begin rolling out it as early as this January.

NGI is the successor of the IAFIS criminal and civil fingerprint database. It expands the IAFIS to include mulftimodal biometric identifiers such as iris scans, palm print, voice data and photos. The FBI is planning to introduce each of these capabilities in pahases over the next two and a half years. It will start with face recognition in 4 US states (Michigan, Washington, Florida and Nord-Carolina).

IAFIS is already the largest biometric database over the world. The combined number of criminal and non-criminal records cover close to 1/3 of the population of the United States. When NGI allows photographs and other biometric identifiers, expands the number of records and offers sophisticated search tools, it will have an unprecedented impact on Americans' privacy interests. (EFF)

The biggest change in NGI will be the addition of non-criminal photos to the database. NGI will allow unlimited submission of photos and types of photos. Sources may be:

• Cameras already used by police departments, body mountes cameras, smartphone apps of MORIS (Mobile Offender Recognition and Information System) or flying cameras.
• Private security cameras in areas like Lower Manhatten.
• Employers may be forced to submit a photo to the FBI in case of apply for job which requires background check.
• Facebook may became a "honeypot" of the FBI.

One of the FBI’s goals for NGI is to be able to track people as they move from one location to another. This tracking is not only releated to criminals and will not start with the rolling out of NGI, it is already running. Wired’s Danger Room blog reported on the FBI’s efforts to track Muslims in the United States. More information about this tracking were released in response to ACLU Freedom of Information Act (FOIA) requests.

INDECT is a research project of the European Union with nearly the same goals like FBI’s Next Generation Identification. EU funding "Orwellian" artificial intelligence plan to monitor public for "abnormal behaviour". It is part of the 7. Framework Programme for Research and Technological Development (2007–2013). Information about the research results are censored because of homeland security interests.

No Comment

National Institute of Justice presentation at 2010 biometrics conference

JonDonym is offering its premium costumers a highly anonymous file sharing service. The JonDonym Storage uses the software Tahoe-LAFS. Several verified mix operators and the JonDos GmbH provide the nodes of the storage grid. Uploads are distributed over randomly chosen nodes and stored encrypted so that no node operator can reconstruct the content of the files. The anonymity of uploaders and downloaders is guaranteed by JonDonym's premium services.

Beta-testers have explicitly confirmed the system's suitaility for whistleblowing purposes. Whistleblowers may provide files anonymously and can send the download links via anonymous e-mails or can post them in forums or blogs afterwards. Help for using e-mail anonymously can be found in our online help or in the wiki.

The service is not designed as a backup service. The uploads are not saved permanently. Rather, they are deleted automatically after 4 weeks. We reserve the right to extend the storage period depending on the capacity used.

Susan Landau, security expert at Harvard University, wrote the book Surveillance or Security? about gouverment backdoos and the risks of expanded telecommuniction surveillance. Some facts of the book are interesting:

• Such attacks have already happened. Law-enforcement wiretapping capabilities built into the Greek Vodafone network were subverted and used to listen in to communications at the highest levels of the Greek government; a system built for wiretapping Internet-based communications was shown to have serious flaws that would allow a similar subversion.
• To catch up with the new technologies of malfeasance, FBI director Robert Mueller traveled to Silicon Valley last November to persuade technology companies to build backdoors into their products. If Mueller’s wish were granted, the FBI would gain undetected real-time access to suspects’ Skype calls, Facebook chats, and other online communications­and in "clear text", the industry lingo for unencrypted data. Backdoors, in other words, would make the Internet -- and especially its burgeoning social media sector -- "wiretappable". (Boston Review)

Documents published by EFF about the FBI trojan CPIAV and by German CCC about spying software used by by German police forces show: law enforcement agencies and secret services do not respect the limits by law in using such invasive technologies.

Additional great security leaks were opened by the spying software and backdoors. The security expert Bruce Schneier wrote in his blog, the cyberterror by gouverments have the potential to be more dangerous than cybercriminals.

The following article was published by Leila Nachawati at Global Voices Advocacy under CC-BY-Lizenz. It shows a warning, how surveillance can be used by undemocratically gouverments.

BlueCoat: US technology surveilling Syrian citizens online

In the context of repression in the Middle East and North Africa, surveillance technology has played a key role in providing authoritarian regimes with the tools necessary to track citizens online. Among these companies, BlueCoat has proved to be the most efficient in helping the Syrian regime control every movement of Syrians on the Internet.

Every movement of Syrians online is monitored

On October 5, Telecomix collective released 54 Gigabytes of log files taken from Syrian BlueCoat devices that cover the period from 22nd of July to 5th of August, 2011. Bluecoat, an American company, produces proxy devices, tools that offer web caching, virus scanning, and content filtering. Such devices can also be used to conduct surveillance.

The logs released by Telecomix show that the Syrian Telecommunications Establishment has been using Bluecoat devices in order to filter and monitor HTTP connections in the country. BlueCoat has denied selling products to the Syrian regime before, as sales to Syria are not authorised as a result of US trade embargoes, but these logs prove that BlueCoat products have been used as the main technology for surveillance in Syria, perhaps through resellers located in neighboring countries.

Following the Telecomix release, BlueCoat did not respond to direct enquires about the sale of their products to the Syrian government. After multiple attempts, a company spokesperson protested they "don´t sell technology to Syria."

This graphic by researcher Arturo Filastò shows the entries that are most requested and blocked in different parts of the country. The logs show that the majority of blocked sites relate to software, advertising, social media, and search engines, as well as some pornographic and other adult content, some of which may have been included by default. Included in the list of blocked sites are Islamsyria.com, Islammemo.cc; Muhammadanism.org and Ikhwanonline.com, which show the Syrian regime's obsession with Muslim narratives, but also TourismEgyptonline and Myvisapassport.com, which provide info on obtaining visas to get out of the country.

According to Tor researcher Roger Dingledine, the release shows that when people in Syria have used Tor, the websites they visit don´t show up in these logs. Because of the dangers posed by this level of surveillance, he strongly recommends all Syrians use Tor.

The surveillance hasn´t stopped just because we found these logs. So if you don´t want to be in these kind of lists you need to use a privacy tool like Tor.

A risky release

Telecomix, which defines itself as a &qout;guerrilla informational warfare group", has helped people in Syria and other countries in the region with censored and monitored web access. With this release, they aimed to allow access to anyone who wishes to analyze the files to provide a deeper insight on Syrian censorship and create more knowledge to circumvent further attacks on freedom of expression. But is this the right way to achieve that? Telecomix states that subscribers'personal IP addresses have been stripped off to protect their privacy, but also note that some personal data are still present in the requested URLs. According to researcher Jacob Appelbaum wrote:

Publishing the data is risky. The data was probably already in the hands of the ones wanting to harm the Syrian population but after this release, we can bet that if they did not have a copy, they will now. Publishing an analysis of this data without revealing info on the specific users would have been safer. Syrians are apparently being killed for posting criticisms of Assad on Facebook pages - the authorities will stop at nothing to suppress criticism.

There is clearly a direct relationship between filtering and surveillance technology like BlueCoat and the tracking, arrest, torture and killing of potential opponents in Syria. According to Jillian C. York from the Electronic Frontier Foundation,

We have seen few changes in respect to the sale of surveillance and filtering tools to authoritarian regimes by companies based in the United States and other democratic countries.

With the death toll reaching 3000 according to some sources, and tens of thousands arrested, tortured and disappeared, this release is just further proof of the surveillance Syrians are exposed to every minute of their lives, and the implication of Western technology in this surveillance.