Agree! Happy to see Citizen Lab keep pushing out such important research. /Marcin
On 13 Feb 2014, at 15:47 , <[email protected]> <[email protected]> wrote: > Ron, Bill, Claudio, Morgan and John, > > Congratulations. This is an invaluable report for Ethiopia and beyond. > We'll put in to good use. Thank you! > > Best, Frank > > Frank Smyth > Executive Director > Global Journalist Security > [email protected] > Tel. + 1 202 244 0717Cell + 1 202 352 1736 > Twitter: @JournoSecurity > Website: www.journalistsecurity.net > PGP Public Key 92861E6B > > >> -------- Original Message -------- >> Subject: [liberationtech] Hacking Team and the Targeting of Ethiopian >> Journalists >> From: Ronald Deibert <[email protected]> >> Date: Wed, February 12, 2014 12:01 pm >> To: Liberation Technologies <[email protected]> >> >> >> Hello LibTech >> >> On behalf of the Citizen Lab, I am pleased to announce a new publication, >> details for which are below. This report is the first in a series that focus >> on the global proliferation and use of Hacking Team's RCS spyware, sold >> exclusively to governments. More posts will follow in the next week. >> >> The report is authored by Bill Marczak, Claudio Guarnieri, Morgan >> Marquis-Boire, and John Scott-Railton. I'd like to draw attention to the >> innovative >> mixed scanning methods developed in this post, around which a new field of >> research is emerging which I believe is going to be critical to the >> type of distributed civil controls on the global spyware market. >> >> Regards >> Ron >> >> https://citizenlab.org/2014/02/hackingteam-targeting-ethiopian-journalists/ >> >> >> Hacking Team and the Targeting of Ethiopian Journalists >> >> February 12, 2014 >> >> Tagged: Ethiopia, Hacking Team >> >> Categories: News and Announcements, Reports and Briefings, Research News >> Authors: Bill Marczak, Claudio Guarnieri, Morgan Marquis-Boire, and John >> Scott-Railton. >> >> This post is the first in a series of posts that focus on the global >> proliferation and use of Hacking Team’s RCS spyware, sold exclusively to >> governments. >> >> Summary >> >> Ethiopian Satellite Television Service1 (ESAT) is an independent satellite >> television, radio, and online news media outlet run by members of the >> Ethiopian diaspora. The service has operations in Alexandria, Virginia, as >> well as several other countries.2 ESAT’s broadcasts are frequently critical >> of the Ethiopian Government. Available in Ethiopia and around the world, >> ESAT has been subjected to jamming from within Ethiopia several times in the >> past few years.3 A recent documentary shown on Ethiopian state media warned >> opposition parties against participating in ESAT programming.4 >> In the space of two hours on 20 December 2013, an attacker made three >> separate attempts to target two ESAT employees with sophisticated computer >> spyware, designed to steal files and passwords, and intercept Skype calls >> and instant messages. The spyware communicated with an IP address belonging >> to Ariave Satcom, a satellite provider that services Africa, Europe, and >> Asia.5 In each case, the spyware appeared to be Remote Control System >> (RCS), sold exclusively to governments by Milan-based Hacking Team.6 >> Hacking Team states that they do not sell RCS to “repressive regimes”,7 and >> that RCS is not sold through “independent agents”.8 Hacking Team also says >> that all sales are reviewed by a board that includes outside engineers and >> lawyers. The board has veto power over any sale.9 Before authorizing a >> sale, the company states that it considers “credible government or >> non-government reports reflecting that a potential customer could use >> surveillance technologies to facilitate human rights abuses,” as well as >> “due process requirements” for surveillance.10 >> The Committee to Protect Journalists (CPJ) reports that Ethiopia jails more >> journalists than any other African country besides Eritrea, and says that >> the Ethiopian government has shut down more than 75 media outlets since >> 1993.11 CPJ statistics also show that 79 journalists have been forced to >> flee Ethiopia due to threats and intimidation over the past decade, more >> than any other country in the world.12 A 2013 Human Rights Watch (HRW) >> report detailed ongoing torture at Ethiopia’s Maekelawi detention center, >> the first stop for arrested journalists and protests organizers. Former >> detainees described how they were: “repeatedly slapped, kicked, punched, and >> beaten,” and hung from the ceiling by their wrists. Information extracted >> in confession has been used to obtain conviction at trial, and to compel >> former detainees to work with the government.13 HRW also indicated abuses >> committed by the army, including the use of torture and rape to compel >> information from villagers near the site of an attack on a farm.14 HRW >> noted “insufficient respect for … due process” in Ethiopia.15 >> >> Background >> >> Hacking Team and Remote Control System (RCS) >> >> Hacking Team, also known as HT S.r.l., is a Milan-based purveyor of >> “offensive technology” to governments around the world. One of their >> products, known as Remote Control System (RCS), is a trojan that is sold >> exclusively to intelligence and law enforcement agencies worldwide. Hacking >> Team’s website describes the product as “the solution” to monitor targets >> that are increasingly using encryption, or those located outside the borders >> of the government that wants to monitor them.16 >> >> Description of RCS in a 2011 official brochure.17 >> >> RCS infects a target’s computer or mobile phone to intercept data before it >> is encrypted for transmission, and can also intercept data that is never >> transmitted. For example, it can copy files from a computer’s hard disk, >> and can also record Skype calls, e-mails, instant messages, and passwords >> typed into a web browser.18 Furthermore, RCS can turn on a device’s webcam >> and microphone to spy on the user.19 >> >> While Hacking Team claims to potential clients that RCS can be used for mass >> surveillance of “hundreds of thousands of targets”,20public statements by >> Hacking Team emphasize RCS’s potential use as a targeted tool for fighting >> crime and terrorism.21 >> >> Hacking Team was first thrust into the public spotlight in 2012 when RCS was >> used against award-winning Moroccan media outlet Mamfakinch,22 and UAE human >> rights activist Ahmed Mansoor, who was pardoned23 after serving seven months >> in prison for signing an online pro-democracy petition.24 Mansoor was >> infected, his GMail password was stolen, and his e-mails were downloaded.25 >> At the same time, RCS is apparently being used by foreign governments to >> target individuals on US soil.26,27 >> >> Evidence of the use of RCS against journalists and activists led Reporters >> Without Borders to name Hacking Team as one of the five “Corporate Enemies >> of the Internet”.28 Hacking Team Senior Counsel Eric Rabe responded with a >> defense of his company’s sales practices, in which he stated that Hacking >> Team does not provide its products to “repressive” regimes.29 >> >> On the issue of repressive regimes, Hacking Team goes to great lengths to >> assure that our software is not sold to governments that are blacklisted by >> the E.U., the U.S.A., NATO and similar international organizations or any >> “repressive” regime. >> >> “Repressive” is a subjective term that may be difficult to define. We >> instead look to a selection of publications that rank countries based on >> freedom and democracy using a methodology. For example, The Economist >> publishes a Democracy Index,30 which rates governments around the world on a >> spectrum from “full democracies” to “authoritarian regimes.” Reporters >> Without Borders also publishes a yearly Press Freedom Index, which ranks >> countries’ press freedom situations from “good” to “very serious”.31 >> >> Ethiopia and Ethiopian Satellite Television Service (ESAT) >> >> The Economist ranks Ethiopia as an “authoritarian regime,” and Reporters >> Without Borders classifies it as a country where there is a “difficult >> situation” for journalists. Human Rights Watch calls Ethiopia’s press law >> “deeply flawed,” and notes that several award-winning journalists have been >> convicted under the law for exercising their right to freedom of expression, >> as part of a government crackdown on independent media.32 >> >> Journalists jailed under the law include Eskinder Nega, who was convicted of >> terrorism in 2012 in a case following the publication of his column that >> criticized the government’s detention of journalists.33 Nega won the 2012 >> PEN America Freedom to Write Award, and was hailed by the group as of the >> “bravest and most admirable of writers, one who picked up his pen to write >> things that he knew would surely put him at grave risk”.34 Nega is >> currently serving an 18 year sentence in prison, having “[fallen] victim to >> exactly the measures he was highlighting”.35 In a May 2013 letter from >> prison, he wrote, “I will live to see the light at the end of the tunnel. It >> may or may not be a long wait. Whichever way events may go, I shall >> persevere!”36 >> >> ESAT describes itself as “powered by broad-based collective of exiled >> journalists, human rights advocates, civic society leaders and members in >> the Diaspora.” Available in Ethiopia around the world, ESAT’s television >> and radio signals have been subjected to jamming from within Ethiopia >> several times in the past few years.37 >> >> Previous research by the Citizen Lab found a version of the FinFisher >> government spyware that used a picture of members of Ethiopian opposition >> group Ginbot 7 as bait, indicating politically-motivated targeting. That >> spyware communicated with a command and control server in Ethiopia.38 >> >> >> First Targeting Attempt >> >> First, the ESATSTUDIO Skype account was targeted with spyware. This account >> is used by ESAT for on-air interviews. The individual operating the >> ESATSTUDIO account at the time was an ESAT employee in Belgium, responsible >> for managing ESAT’s satellite broadcasts. An individual identified as >> “Yalfalkenu Meches” (Skype: yalfalkenu1) sent a file to ESATSTUDIO entitled >> “An Article for ESAT.rar.” We use Skype logs provided by the targets to >> illustrate the attacks. >> >> This .rar file contained an .exe file disguised as a .pdf. The file used >> the Adobe PDF icon, and contained a large number of spaces between the name >> and extension, to prevent Windows from displaying the extension. >> >> >> Left: How the file was rendered in Windows; Right: Windows file properties >> dialog >> >> Despite the file’s name, “An Article for ESAT,” the file did not display any >> such article, or any other content, when opened. >> >> >> Analysis and Link to Hacking Team RCS >> >> Summary >> >> The file sent to ESAT appeared to be Hacking Team’s RCS spyware for the >> following two reasons: >> >> The file communicated with a server that returned two SSL certificates. The >> second certificate was issued by “RCS Certification Authority” / “HT srl”, >> and was similar to SSL certificates returned by two other servers apparently >> owned by Hacking Team. The first certificate was similar to certificates >> returned by two other servers that appeared to be demonstration servers for >> Hacking Team’s RCS spyware. >> The file matched a signature that we had previously developed for RCS >> spyware. >> Detailed Analysis >> >> The hash of the file was: >> >> sha256: 4a53db7b98aa000aeaa72d6a44004ef9ed3b6c09dd04a3e6015b62d741de3437 >> sha1: b7438e699dd54f8b56fc779c1b8b08b1943d9892 >> md5: 53a9e1b59ff37cc2aeff0391cc546201 >> Shortly after opening the .exe file, it attempted to communicate with the >> server 46.4.69.25 on port 80. >> >> inetnum: 46.4.69.0 - 46.4.69.31 >> netname: HETZNER-RZ14 >> descr: Hetzner Online AG >> descr: Datacenter 14 >> country: DE >> We probed the server and noticed that it returned two self-signed SSL >> certificates:39 >> >> Issuer Subject Fingerprint >> /CN=default /CN=server a7c0eacd845a7a433eca76f7d42fc3fedf1bde3c >> /CN=RCS Certification Authority /O=HT srl /CN=RCS Certification Authority >> /O=HT srl 6500c243015a6ecc59f1272fec38eb0065d22063 >> The second certificate is issued by “RCS Certification Authority” / “HT >> srl”.Hacking Team refers to their spyware as “RCS,” and identifies itself as >> “HT S.r.l.” on its website: >> >> To confirm our hypothesis that these certificates were associated with >> Hacking Team, we searched historical SSL certificate data released by the >> Internet Census40 (443-TCP_SSLSessionReq) and by the University of >> Michigan’s zmap project.41 We found two servers returning the “RCS >> Certification Authority” / “HT srl” certificate that were in the following >> range: >> >> inetnum: 93.62.139.32 - 93.62.139.47 >> netname: FASTWEB-HT >> descr: HT public subnet >> country: IT >> person: GIANCARLO RUSSO >> address: VIA DELLA MOSCOVA 13 >> address: MILANO MI >> address: IT >> phone: +39 0229060603 >> The address and phone number on the range matches those on Hacking Team’s >> website. A Giancarlo Russo is listed as the COO of Hacking Team on >> LinkedIn.42 Thus, we believe that Hacking Team controls this range of IP >> addresses. >> >> The two servers in this range that returned similar certificates to the >> server in the ESAT spyware were: >> >> 93.62.139.39 on 6/28/2012: >> >> Issuer Subject Fingerprint >> /CN=RCS Certification Authority /O=HT srl /CN=rcs-castore >> deee895bf1f68e97cb997d929e0f991ecec6ab29 >> /CN=RCS Certification Authority /O=HT srl /CN=RCS Certification Authority >> /O=HT srl 1e8e8806aa605544cda2bbb906b5d0cc7fb6fff7 >> 93.62.139.42 on 8/12/2012: >> >> Issuer Subject Fingerprint >> /CN=RCS Certification Authority /O=HT srl /CN=rcs-polluce >> 277fdf33df7baca54ce8336982db865d9f38f514 >> /CN=RCS Certification Authority /O=HT srl /CN=RCS Certification Authority >> /O=HT srl e8d5f17d142768abe2ed835d5a61d99602ab082b >> Because these IP addresses were registered to Hacking Team, we believe that >> the presence of a certificate apparently issued by “RCS Certification >> Authority” / “HT srl” is indicative of a server for Hacking Team’s RCS >> spyware. The Internet Census (443-TCP_SSLSessionReq) also recorded two >> instances of a server returning a certificate that matched the “default” / >> “server” certificate returned by the server in the ESAT spyware, along with >> an incomplete certificate for “rcs-demo.hackingteam.it”. This server was >> used by an RCS spyware sample found in VirusTotal.43 This certificate was >> returned by 168.144.159.167 on 12/14/2012, and by 94.199.243.39 on >> 12/14/2012. This is a further indication that the server in the spyware >> targeting ESAT is a Hacking Team RCS server. >> >> The file itself also matched a signature we had previously developed for RCS >> spyware. >> >> >> Second Attempt >> >> The target did not open the first file (“An Article for ESAT.exe”), and >> complained to Yalfalkenu that the file was an .exe application. Yalfalkenu >> responded that he had received the file from a friend. >> >> >> >> Yalfalkenu also said that he opened the .exe file and it “worked fine.” >> However, despite the file’s name, “An Article for ESAT,” the file did not >> display any such article, or any other content, when opened. >> >> >> >> Yalfalkenu followed up by sending ESATSTUDIO a Word document. >> >> >> >> Analysis and Link to Hacking Team RCS >> >> The Word document was: >> >> sha256: 5bde4288c11f0701b54398ffeeddb4d6882d91b3e34bf76b1e250b8fc46be11d >> sha1: 057675f8dfda0f44a695ec18a5211ff4e68a1873 >> md5: 8df850088e2324d5c89615be32bd8a35 >> As with the previous file, opening this file did not result in any bait >> content being displayed. A user who opened the file saw a blank Word >> document, which quickly closed itself. >> >> The document exploited a bug in Microsoft Windows (CVE-2012-015844) to run a >> program that downloaded and executed a file: 216.118.232.254/svchst.exe. An >> update to Windows available since April 2012 fixes this bug.45 The IP >> address 216.118.232.254 belongs to Ariave Satcom, a satellite provider that >> services Africa, Europe, and Asia.46 >> >> Private Customer VSC-ARIAVE (NET-216-118-232-0-1) 216.118.232.0 - >> 216.118.232.255 >> VSC Satellite Co. VSC-IPOWN1 (NET-216-118-224-0-1) 216.118.224.0 - >> 216.118.255.255 >> We downloaded svchst.exe: >> >> sha256: bc68c8d86f2522fb4c58c6f482c5cacb284e5ef803d41a63142677855934d969 >> sha1: b341cc1c299c07624814f35a35a4d505e65d3b67 >> md5: 015c238d56b8657c0946ec45b131362a >> Like the first file, the file communicated with 46.4.69.25. This file also >> matched our signature for RCS spyware. For the same reasons as the first >> file, this file appears to be Hacking Team RCS spyware. >> >> >> Third Attempt >> >> An hour and a half later on the same day,47 Yalfalkenu targeted another ESAT >> employee, this time based in their Northern Virginia offices. >> >> >> >> The document was: >> >> sha256: 8f9a6ae6aa56e12596d02c864998b4373a96d3f788195db3601b6e3ec54a99fb >> sha1: c384ca066fe0145455f14976c0ecf8a817a30f86 >> md5: daa5912d4ca0e4a143378947ef329374 >> Like the second file, the document also exploited the CVE-2012-0158 bug, but >> had two main differences. First, the document actually displayed bait >> content — a copy of this article.48 Second, instead of downloading a file >> from a server, the document contained an embedded file, which it copied as >> CyHidWin.exe. We extracted the file and analyzed it: >> >> sha256: d30bc31d6ad75de20aa3a45d338298030dc9136ba94aee93b4843e279fa3d59c >> sha1: 4f8b2f1071870b9d03f3bb341cf9523b0574d8f6 >> md5: c5cfa1afd5d3148a0d33fc1940ea1a37 >> As in the previous two files, the file communicated with 46.4.69.25. This >> file also matched our signature for RCS spyware. For the same reasons as >> the first two files, this file appears to be Hacking Team RCS spyware. >> >> >> Epilogue >> >> After the first two targeting attempts, we alerted ESAT that Yalfalkenu >> Meches was trying to target them with spyware. On the third attempt, the >> targeted user confronted Yalfalkenu, who again professed that he had >> received the file from a friend. >> >> >> >> Yalfalkenu also expressed puzzlement about how opening a Word document could >> infect a computer, and said that he was a victim. >> >> >> >> We talked to employees of ESAT, who said that Yalfalkenu used to collaborate >> with them, but then he “disappeared for a while.” It is possible that >> someone else is now using Yalfalkenu’s account. >> >> Links to Other Spyware >> >> Our scans indicated that the following other servers were likely being run >> by the same attacker that targeted ESAT, and were also likely Hacking Team >> RCS servers: >> >> IP First Seen Last Seen Provider Country >> 109.200.22.160 7/25/2012 8/10/2012 Delamere Services >> UK >> 109.200.22.161 7/25/2012 8/12/2012 Delamere Services >> UK >> 109.200.22.162 10/14/2012 1/13/2014 Delamere Services >> UK >> 109.200.22.163 10/13/2012 1/13/2014 Delamere Services >> UK >> 176.74.178.45 10/30/2013 1/13/2014 Infinite Dimension >> Solutions UK >> 176.74.178.119 7/25/2012 8/12/2012 Infinite Dimension >> Solutions UK >> 176.74.178.120 7/25/2012 8/12/2012 Infinite Dimension >> Solutions UK >> 176.74.178.202 10/13/2012 1/13/2014 Infinite Dimension >> Solutions UK >> 176.74.178.203 10/18/2012 1/13/2014 Infinite Dimension >> Solutions UK >> 46.166.162.147 5/16/2013 8/11/2013 Santrex SC >> 69.60.98.203 5/16/2013 Active Serverpronto US >> 216.118.232.245 11/18/2013 Active Ariave Satcom ?? >> We note that the “RCS Certification Authority” / “HT srl” SSL certificates >> returned by these servers were issued on 5/8/2012. Based on this date, we >> estimate that the attacker who targeted ESAT has been using Hacking Team’s >> RCS spyware since May 2012, or earlier. >> >> We found the following sample in VirusTotal that matched our signature for >> Hacking Team RCS spyware. The sample used 46.166.162.147 as a command and >> control server. Thus, we believe the attackers were the same, though we >> have no indication as to who they may have targeted: >> >> sha256: 9577aabf5e31af1409e2abe8c29ac918d7f8784dec75b4088a60fce6a45e9fc7 >> sha1: 0e326c39c91efeff1d045bec3c7e7c38405d0430 >> md5: c17e788e28d47891f94c64739ee7fffb >> >> Conclusion >> >> In this report, we identified three instances where Ethiopian journalist >> group ESAT was targeted with spyware in the space of two hours by a single >> attacker. In each case the spyware appeared to be RCS (Remote Control >> System), programmed and sold exclusively to governments by Milan-based >> Hacking Team. While Hacking Team and other “lawful intercept” spyware >> vendors purport to practice effective self-regulation, this case seems to be >> part of a broader pattern of government abuse of such spyware. “Lawful >> intercept” spyware has also apparently been abused to target Bahraini >> activists, Moroccan journalists, critics of the Turkish Government, and >> Emirati human rights activists. >> >> >> Acknowledgements >> >> Thanks to Eva Galperin, the Electronic Frontier Foundation, and ESAT. >> >> >> Footnotes >> >> 1 http://ethsat.com/ >> 2 http://ethsat.com/about-us/ >> 3 >> http://ethsat.com/2011/10/08/esat-accuses-china-of-complicity-in-jamming-signals/ >> 4 >> http://ethsat.com/2014/01/09/udj-says-expressing-opinion-to-media-is-not-terror/ >> 5 https://web.archive.org/web/20130723051052/http://ariave.com/tech.htm >> 6 http://hackingteam.it/index.php/customer-policy >> 7 >> http://news.cnet.com/8301-13578_3-57573707-38/meet-the-corporate-enemies-of-the-internet-for-2013/ >> 8 >> http://www.eluniverso.com/noticias/2013/12/11/nota/1901271/firma-hacking-team-fue-contactada-estado-ecuatoriano >> 9 >> http://www.ibtimes.co.uk/hacking-team-murky-world-state-sponsored-spying-445507 >> 10 http://hackingteam.it/index.php/customer-policy >> 11 >> http://www.cpj.org/2013/11/ethiopia-arrests-2-journalists-from-independent-pa.php >> 12 http://www.hrw.org/world-report/2013/country-chapters/ethiopia >> 13 http://www.hrw.org/node/119814/section/2 >> 14 http://www.hrw.org/world-report/2013/country-chapters/ethiopia?page=3 >> 15 ibid. >> 16 http://hackingteam.it/index.php/remote-control-system >> 17 >> http://wikileaks.org/spyfiles/docs/hackingteam/147_remote-control-system.html >> 18 https://www.securelist.com/en/analysis/204792290/Spyware_HackingTeam >> 19 >> http://www.theverge.com/2013/9/13/4723610/meet-hacking-team-the-company-that-helps-police-hack-into-computers >> 20 ibid. >> 21 http://www.corpwatch.org/article.php?id=15868 >> 22 http://slate.me/1eSTeUF >> 23 >> http://en.rsf.org/united-arab-emirates-ahmed-mansoor-and-four-other-pro-28-11-2011,41477.html >> 24 http://www.bbc.co.uk/news/world-middle-east-13043270 >> 25 >> https://citizenlab.org/2012/10/backdoors-are-forever-hacking-team-and-the-targeting-of-dissent/ >> 26 http://www.wired.com/threatlevel/2013/06/spy-tool-sold-to-governments/ >> 27 https://twitter.com/csoghoian/status/298899565388644352 >> 28 http://surveillance.rsf.org/en/category/corporate-enemies/ >> 29 >> http://news.cnet.com/8301-13578_3-57573707-38/meet-the-corporate-enemies-of-the-internet-for-2013/ >> 30 https://www.eiu.com/public/topical_report.aspx?campaignid=DemocracyIndex12 >> 31 https://en.rsf.org/IMG/jpg/2013_wpfi_world_press_freedom_map.jpg >> 32 http://www.hrw.org/news/2013/05/03/ethiopia-terrorism-law-decimates-media >> 33 http://www.bbc.co.uk/news/world-africa-17921950 >> 34 >> http://www.pen.org/press-release/2012/04/12/top-pen-prize-honor-eskinder-nega-jailed-ethiopian-journalist-and-blogger >> 35 ibid. >> 36 https://www.amnesty.org/en/appeals-for-action/LWM2013-Ethiopia >> 37 >> http://ethsat.com/2011/10/08/esat-accuses-china-of-complicity-in-jamming-signals/ >> 38 >> https://citizenlab.org/2013/03/you-only-click-twice-finfishers-global-proliferation-2/ >> 39 This can be verified by consulting the Sonar SSL scans >> (https://scans.io/study/sonar.ssl) between 10/30/2013 and 1/13/2014. >> 40 http://internetcensus2012.bitbucket.org/paper.html >> 41 https://scans.io/study/umich-https >> 42 http://it.linkedin.com/pub/giancarlo-russo/2/2a9/589 >> 43 >> https://www.virustotal.com/en/file/81e9647a3371568cddd0a4db597de8423179773d910d9a7b3d945cb2c3b7e1c2/analysis/ >> 44 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0158 >> 45 http://technet.microsoft.com/en-us/security/bulletin/ms12-027 >> 46 https://web.archive.org/web/20130723051052/http://ariave.com/tech.htm >> 47 On 20 December 2013, Belgium’s time zone was 6 hours ahead of Northern >> Virginia’s. >> 48 The article quotes the former head of Ethiopia’s Amhara region (Ayalew >> Gobeze) as denying that he was demoted or fired for failing to sign a border >> demarcation agreement between Sudan and Ethiopia. Ayalew is quoted as saying >> that members of the Ethiopian diaspora concocted the story, and refers to >> them as “taxi drivers” and “jobless”. >> >> Ronald Deibert >> Director, the Citizen Lab >> and the Canada Centre for Global Security Studies >> Munk School of Global Affairs >> University of Toronto >> (416) 946-8916 >> PGP: http://deibert.citizenlab.org/pubkey.txt >> http://deibert.citizenlab.org/ >> twitter.com/citizenlab >> [email protected]<hr>-- >> Liberationtech is public & archives are searchable on Google. Violations of >> list guidelines will get you moderated: >> https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, >> change to digest, or change password by emailing moderator at >> [email protected]. > -- > Liberationtech is public & archives are searchable on Google. Violations of > list guidelines will get you moderated: > https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, > change to digest, or change password by emailing moderator at > [email protected]. -- Marcin de Kaminski PhDc Sociology of Law, University of Lund Lund University Internet Institute, Cybernorms Research Group Personal homepage - www.dekaminski.se Phone#: +46-(0)768-045151
-- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
