Re: [liberationtech] [liberationtech-events] List Termination Notice

Hello Yosem, That makes sense. Liberationtech's program had a solid run, and the list was foundational to a lot of the communities and conversations that thrive today. As these discussions evolved so too have the needs of the field. Thanks for administering it over these years. Cordially, Collin

Re: [liberationtech] DRL Internet Freedom pages hit the memory hole

Google cache indicates it was up yesterday, with references to Sec. Kerry and Ambassador Power, etc. Humanrights.gov looks like a complete mess overall right now, so perhaps what we are seeing in an artifact of transition rather than a purging according to policy?

Re: [liberationtech] Security Without Borders

; Awesome. Critical and needed initiative. A thank you goes out to > Claudio Guarnieri, Collin Anderson, and their colleagues for putting > this together. I certainly could have benefited from a project like > this during the Arab Spring in my advice to pro-democracy activists. > > Cl

Re: [liberationtech] popular circumvention tools have been blocked in Iran

On Wed, Feb 10, 2016 at 11:09 AM, Joseph Lorenzo Hall wrote: > Do we have any indication as to how they are blocking (e.g., given Iran's > past history, I'd tend to think it involves fingerprinting circumvention > tech protocols). best, Joe > I don't believe its traffic

Re: [liberationtech] Telecommunications to Cuba in New Policies

: where do sound studio / video equipment software stand? Can they be exported to Cuba now? On Jan 15, 2015, at 10:01 AM, Collin Anderson col...@averysmallbird.com wrote: Hello Libtech, The Cuba new rules are out, since there are two jurisdictions covering the country, they are split between

Re: [liberationtech] Telecommunications to Cuba in New Policies

. Not a commercial export.. Best Regards | Cordiales Saludos | Grato, Andrés L. Pacheco Sanfuentes a...@acm.org +1 (347) 766-5008 On Tue, Aug 18, 2015 at 12:39 PM, Collin Anderson col...@averysmallbird.com wrote: I cannot be your lawyer, but you might find some assurances within License Exceptions

Re: [liberationtech] VOA - Circumventing Censorship guide?

On Tue, Apr 14, 2015 at 12:44 AM, Katy Pearce katyca...@gmail.com wrote: And what about translation? Perhaps it's best that this not be translated for the moment until large inaccuracies are fixed. Reached out to the author, let's see whether there is an interest to engage. For what it's

[liberationtech] Considerations on Wassenaar Arrangement Proposals for Surveillance Technologies

Libtech colleagues -- On Monday, Access released my paper regarding the Wassenaar Arrangement's controls on Intrusion Software and IP Network Surveillance equipment. Since the release of the changes over a year ago, there has been a great deal of confusion about their scope, and the paper seeks

Re: [liberationtech] Iranian are bypass the Twitter censorship and sanction by their mobile phones

Support for Iran, Cuba and a number of other countries has been added to Twitter: http://mashable.com/2015/01/27/twitter-iran-cuba/ On Sun, Nov 23, 2014 at 4:18 PM, Nariman Gharib nariman...@gmail.com wrote: Hi John, On Sun, Nov 23, 2014 at 8:41 PM, John Adams j...@retina.net wrote: This

Re: [liberationtech] Receiving phone verification and 2-Step Verification codes through a 'number inside Iran'

On Fri, Jan 16, 2015 at 10:42 AM, Nariman Gharib nariman...@gmail.com wrote: I want to know anybody here know is it a big deal or not and how we can solve this issue? Their SMS partner probably now has a relationship with a local telecommunications services company. I'm not sure it's anymore

Re: [liberationtech] Receiving phone verification and 2-Step Verification codes through a 'number inside Iran'

On Fri, Jan 16, 2015 at 12:10 PM, elham gheytanchi elhamu...@hotmail.com wrote: I think it means the codes are generated by the state agencies. They are not, the international companies would contract with an SMS gateway to send codes. That SMS gateway should be a more or less a dumb pipe that

Re: [liberationtech] Receiving phone verification and 2-Step Verification codes through a 'number inside Iran'

via SMS with Iranian number since 6 months ago. On 16 January 2015 at 17:39, Collin Anderson col...@averysmallbird.com wrote: On Fri, Jan 16, 2015 at 12:10 PM, elham gheytanchi elhamu...@hotmail.com wrote: I think it means the codes are generated by the state agencies

Re: [liberationtech] Telecommunications to Cuba in New Policies

though that hardly anybody in Cuba would stop making a CC transaction in the island thanks to his US relatives Obama because of that.. Best Regards | Cordiales Saludos | Grato, Andrés L. Pacheco Sanfuentes a...@acm.org +1 (347) 766-5008 On Wed, Dec 17, 2014 at 7:47 PM, Collin Anderson

[liberationtech] Fwd: Meet the iMarker, Russian targeted ad service which analyze your traffic on ISP side

Not the type to crosspost but this might be a fun measurement project for people on the list. -- Forwarded message -- From: Anton Nesterov koma...@openmailbox.org Date: Thu, Jan 8, 2015 at 3:45 PM Subject: Meet the iMarker, Russian targeted ad service which analyze your traffic on

Re: [liberationtech] Cuba: 5% Internet penetration

On Thu, Jan 8, 2015 at 2:27 PM, Bill Woodcock wo...@pch.net wrote: It’s called fiber. Fiber is cheap? -- *Collin David Anderson* averysmallbird.com | @cda | Washington, D.C. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you

Re: [liberationtech] Cuba: 5% Internet penetration

On Mon, Jan 5, 2015 at 12:59 PM, Myself falcoco...@gmail.com wrote: Under the new measures announced by the Obama administration in December 2014, Cuban exiles can buy and send to the island satellite Internet equipment, Wi-Fi routers, repeaters and pay for this service for their relatives in

[liberationtech] Telecommunications to Cuba in New Policies

Dear Libtech, In case this was lost in the news of rapprochement with Cuba, a central aspect of the new policy includes new authorizations on the export of information technology and connectivity. There is no clear guidance or legal framework as of yet, but these should be forthcoming in the next

Re: [liberationtech] Telecommunications to Cuba in New Policies

On Wed, Dec 17, 2014 at 8:33 PM, Ellery Biddle ellery.bid...@gmail.com wrote: The financial piece here is also really important to follow, I think. Although a lot of what Obama laid out today was actually somewhat preliminary and short on detail, he very explicitly stated that US credit cards

Re: [liberationtech] Feedback for debate on encryption with former FBI General Counsel

On Sat, Nov 8, 2014 at 12:53 AM, Jonathan Wilkes jancs...@yahoo.com wrote: I do not think this will end up being a very vigorous debate, but I'd very much love to be wrong. Of course, the advocacy strategy where one alienates potential allies based on completely pertinent qualifications until

[liberationtech] Measurement Lab Technical Report on Interconnection Degradation in the United States

Libtech colleagues, Not the dramatic flare of international emancipatory movements this list tends towards, but research methodologies and health of the Internet related. Plus tools and code that might come into use for those other breathless occasions. Please share! Cordially, Collin *ISP

Re: [liberationtech] Espionge.app's lack of plausible deniability (Was: TrueCrypt Alternatives?)

On Tue, Oct 7, 2014 at 1:25 PM, Greg g...@kinostudios.com wrote: If you want me to open a CVE, I need to hear from you (and anyone else advocating that I go through the process of opening and maintaining CVE after CVE about the always imperfect PD we provide) why we should be required to open

Re: [liberationtech] Espionge.app's lack of plausible deniability (Was: TrueCrypt Alternatives?)

On Mon, Oct 6, 2014 at 9:50 PM, Greg g...@kinostudios.com wrote: I have no idea why it suddenly broke. If you have no idea why something fairly basic and important broke, should you be purporting to be safe enough to cover the use case of a human rights activist inside of a totalitarian

Re: [liberationtech] Time validation for 2-step verification codes

In this case, it appears that the victims were deceived by a well-attended phishing campaign into giving up both their password and their SMS-provided 2FA code. Amin is simply asking what the lifetime of that code is, since it is not nearly as short as the Authenticator-provided number. On Wed,

[liberationtech] Did ISS World Permit the Iranian and Sudanese Government into its Surveillance Trade Show?

Libtech, Yesterday, after months of research and writing, I released writeup about a ISS World allowing Iranian telecommunications companies and Sudanese security services to attend their surveillance trade show over the past several years. Humorously, when the Washington Post attached an old

Re: [liberationtech] vxheavens.com

It's more simple, vxheaven.org has not been renewed and is parked by its registry until the grace period lapses. Domain Name:VXHEAVEN.ORG Domain ID: D169115535-LROR Creation Date: 2013-07-03T09:40:49Z Updated Date: 2014-07-10T06:33:44Z Registry Expiry Date: 2015-07-03T09:40:49Z Sponsoring

Re: [liberationtech] vxheavens.com

/15/2014 8:09 PM, Collin Anderson wrote: It's more simple, vxheaven.org has not been renewed and is parked by its registry until the grace period lapses. Domain Name:VXHEAVEN.ORG Domain ID: D169115535-LROR Creation Date: 2013-07-03T09:40:49Z Updated Date: 2014-07-10T06:33:44Z Registry

Re: [liberationtech] Iran has been blocked Facebook's Bots ( crawlers )

Hi Nariman, Attempted to fetch Asr Iran using the facebookexternalhit User Agent and it worked fine. I suspect this is the product of firewall rules against Facebook's subnets as a backup for when the filter fails, and not an intentional attempt to block Facebook's bot. It certainly would not

Re: [liberationtech] Google Play is available again in Iran

Nariman, Shortly after Play was made available by Google, it was blocked by the Filternet, perhaps due to the rush of circumvention tools enabling their availability to Iranians (vendors had to manually enable Iran). The 403 HTTP code is thrown both by Google upon hitting a sanctions restricted

Re: [liberationtech] Iraq block Social media

On Sat, Jun 14, 2014 at 12:31 PM, David Gessel ges...@blackrosetech.com wrote: I tested Facebook, youtube, google, and twitter and all loaded normally. Traceroute showed no anomalies. I believe that your testing is a bit off -- as of yesterday Earthlink was blocking social media, primarily

Re: [liberationtech] Iraq block Social media

(185.23.153.242) ;; WHEN: Sat Jun 14 14:44:58 2014 ;; MSG SIZE rcvd: 70 On Sat, Jun 14, 2014 at 2:54 PM, Collin Anderson col...@averysmallbird.com wrote: On Sat, Jun 14, 2014 at 12:31 PM, David Gessel ges...@blackrosetech.com wrote: I tested Facebook, youtube, google, and twitter and all loaded

Re: [liberationtech] when you are using Tor, Twitter will blocked your acc

On Mon, Jun 9, 2014 at 11:02 AM, Griffin Boyce grif...@cryptolab.net wrote: I'd recommend reaching out formally (perhaps to privacy@ ?) and proposing a whitelist or other special consideration for Tor users. You've got the name recognition to pull it off and you actually work for Tor. =)

Re: [liberationtech] Many VPNs and Psiphon are currently blocked in Iran right now

On Sun, Feb 23, 2014 at 9:43 AM, Nathan of Guardian nat...@guardianproject.info wrote: That is the reason I promote Tor. It is 100% free, run by volunteers, doesn't require a credit card or registered account, and has group of Farsi-literate community support staff (like Nima) ready to help.

Re: [liberationtech] Many VPNs and Psiphon are currently blocked in Iran right now

On Tue, Feb 25, 2014 at 5:38 PM, Andrew Lewman liberationt...@lewman.uswrote: Idle curiosity, what percent of Iranian Internet users use a proxy (or don't go naked on the Internet)? 1%? 5%? 50%? I tend to cite the Iranian chief of police's about 20 to 30 percent of (Iranian internet) users

Re: [liberationtech] Many VPNs and Psiphon are currently blocked in Iran right now

Nariman, None of the tools are safe, since the users in question are finding servers and credentials through word of mouth and on public sites without attribution for where their data is going. Even if the other side is not malicious, I've seen a fair amount of those vendors require or encourage

Re: [liberationtech] Many VPNs and Psiphon are currently blocked in Iran right now

On Sat, Feb 22, 2014 at 2:58 PM, Brian Conley bri...@smallworldnews.tvwrote: Sure, and for 25,000 users apparently Tor works at least some of the time. We need to understand why tor(and other products) work for these individuals why it doesn't work for others. This is the only way we can

Re: [liberationtech] Many VPNs and Psiphon are currently blocked in Iran right now

On Sat, Feb 22, 2014 at 7:59 PM, Brian Conley bri...@smallworldnews.tvwrote: My goal is not to help every citizen who wants to look at cat videos or porn or share pictures of their lunch with their friends. Lovely. Amin and Nariman's goal seems to be making sure that Iranian public remains

Re: [liberationtech] Many VPNs and Psiphon are currently blocked in Iran right now

On Sat, Feb 22, 2014 at 9:35 PM, Nathan of Guardian nat...@guardianproject.info wrote: I just hope that the Tor is slow meme, along with other famous ones like PGP is hard and No one cares about privacy, are continued to be challenged, tested and not accepted as inevitable. Certainly,

Re: [liberationtech] Coursera to join censor club by blocking Iran IP space

My hypothesis has been that Coursera, in the midst of raising venture capital funds, had a broad compliance risk evaluation and this was raised by outside counsel. Based on their blogpost, I suspect they took voluntary action and then reached out to State (or vice versa), who likely informed them

Re: [liberationtech] Coursera to join censor club by blocking Iran IP space

instructs the public to use a VPN and to not give them reason to know about location -- that's imperfect yes, but it was respectful. On Thu, Jan 30, 2014 at 8:26 AM, Collin Anderson col...@averysmallbird.comwrote: My hypothesis has been that Coursera, in the midst of raising venture capital

[liberationtech] SoftEther (VPN Gate) Open Sourced Re: Users flock to Japan student's firewall-busting thesis project - Network World

I thought I might bump this old conversation about a stale press release to mention that SoftEther, the VPN client behind VPN Gate, was opened under a GPL license today. Since I have seen some frustrations with the current state of VPN clients, this might be worth a critical look, especially

[liberationtech] Article Specific Censorship of Wikipedia Across Countries

Libtech, Last month Xia Chu (@summer.agony) shared an evaluation and dataset on the Great Firewall of China on the list [1], which really warrants attention for its thoroughness. It far exceeds the work that I released this week on Iran, called {{Citation Filtered}} [2], (which has been in

Re: [liberationtech] Google Unveils Tools to Access Web From Repressive Countries | TIME.com

On Tue, Oct 22, 2013 at 1:36 AM, Roger Dingledine a...@mit.edu wrote: That was a different guy though right? And surely this time they're doing it right, with a comprehensive design document and threat model, open source, etc before the publicity splash? Sort of, but I think these challenges

Re: [liberationtech] Possibly of interest to this list

On Fri, Oct 18, 2013 at 6:39 PM, Linus Nordberg li...@nordberg.se wrote: Indeed. The news here is whether we're trying to whitewash that by signing up for (parts of) https://en.necessaryandproportionate.org/. I deeply hope they attempt to whitewash these actions through explicit participation

Re: [liberationtech] Complete GFW Rulebook for Wikipedia

Congratulations, this is impressive work. I am also completely jealous -- a colleague and myself will be releasing a similar report for Iran in the next two weeks. This is intended at a broader global project on Wikipedia censorship ({{Citation Filtered}}) that I would hope might merge well into

[liberationtech] Technical Evaluation of How Iran's Filternet Failed Last Week

Libtech, The issue did not come up on the list (fatigue I suppose), but I am sure people are well aware that many previously filtered sites were available in Iran for much of last Monday. Today, Small Media publishes the latest in its Iran Infrastructure and Policy series, which lays out

[liberationtech] Pew: Anonymity, Privacy, and Security Online

This was linked to in the FP piece on Alexander, and should hopefully be of interest to many here in privacy and CFAA work (14% have used VPNs, Tor, etc). - Collin --- http://pewinternet.org/Reports/2013/Anonymity-online/Summary-of-Findings.aspx Most internet users would like to be anonymous

Re: [liberationtech] Iranian users vs. FB new policy

No, this is clearly covered by General License D for Iran and the 'personal communications' exemptions in other sanctions regimes -- it's a nice find, but I suspect it targets individuals designated under the SDN list. On Tue, Sep 3, 2013 at 12:55 PM, Amin Sabeti aminsab...@gmail.com wrote:

[liberationtech] Android Developers, Opt-In to Iran Play Store Access.

Developers and friends of developers, Google today is announcing App Store access to Iran, however, participation requires an option to be enabled [1]. If you produce applications please opt in and pass along to your developer friends. Cordially, Collin [1]

[liberationtech] Internet Policy Observatory: Call for Proposals

Libtech -- This might be promising for the academics and researchers amongst us. http://cgcsblog.asc.upenn.edu/2013/07/31/internet-policy-observatory-call-for-proposals/ Internet Policy Observatory: Call for Proposals The Center for Global Communication Studies (CGCS) at the Annenberg School

[liberationtech] Hayden on 'Internet Freedom' as State Dept. Money Laundering Against US Security Interests

Libtech, A friend passed along little noticed comments by Gen. Hayden in June, which I would suggest are the most direct elaboration on the differences between the American security apparatus and piracy development efforts. The actual interview is long, but there is one statement in particular

Re: [liberationtech] Does anyone know a celebrity who feels strongly about privacy issues?

The problem with occasionally looking at Huffington Post is that I'm subjected to such things... Matt Damon: *He broke up with me, the Elysium star said. There are a lot of things that I really question, you know: the legality of the drone strikes, and these NSA revelations they’re, you know,

[liberationtech] Iran's Internet and the Politics of a New President

Libtech, Some of you might be interested in the latest Small Media Infrastructure report, which covers the time between election day and inauguration. Unlike the prior report, which was heavily technical, this iteration largely focuses on the vibrant policy discussion happening around the state

[liberationtech] Interesting Language in Foreign Appropriations Bill

Libtech, Tomorrow is the full committee hearing for the House's State and Foreign Operations Bill for Fiscal Year 2014. Lines 14-18, concerned with the appropriation of funding for the Broadcasting Board of Governors should be of interest to many, although I would caution that the same language

[liberationtech] Tango.me Hacked by the SEA

Libtech, Regrettably, it seems to have slipped the attention of most media, but the Syrian Electronic Army appears to have managed to compromise the network of the popular communications service Tango. They claim to have retrieved 10 Tb of backup data, so one might imagine there is a lot of

Re: [liberationtech] Is Most Encryption Cracked?

It's so strong that we can't export it to Cuba, Iran, Sudan, and North Korea. Perhaps they should stop using pictures of Green Movement activists as an advertisement if they are going to be ignorant and spineless about export controls. On Wed, Jul 17, 2013 at 1:38 PM, liberationt...@lewman.us

[liberationtech] Cyber Weapon Controls in NDAA 2014

Members of Libtech may be interested to know that the National Defense Authorization Act for Fiscal Year 2014 includes recommendations for controls on cyber weapons. SEC. 946. CONTROL OF THE PROLIFERATION OF CYBER WEAPONS. (a) Interagency Process for Establishment of Policy- The President shall

[liberationtech] Iranian Internet Infrastructure and Policy Report: Election Edition

Libtech, Small Media released its Election Edition of the ongoing Infrastructure series. It should make for a quick read, but lend a great deal of technical and political insight into the fairly aggressive campaign against access that occurred in the final days of the lead up to the first round

[liberationtech] Dimming the Internet: Detecting Throttling as a Mechanism of Censorship in Iran

Libtech, Today, my latest paper “Dimming the Internet: Detecting Throttling as a Mechanism of Censorship in Iran,” a documentation on three years of the use of bandwidth throttling as a means of political censorship in Iran, was posted on the publishing site arXiv. Blogpost:

Re: [liberationtech] Want to shield text, photos from government? Wickr says it has an app for that | SiliconBeat

Can we just not? Wickr's PR is pretty adept at taking advantage of opportunities and Libtech bites every time. http://i.imgur.com/a5KVZzG.png On Sat, Jun 8, 2013 at 10:27 PM, Rich Kulawiec r...@gsp.org wrote: It's not open-source, therefore it not only *can* be discarded without any further

[liberationtech] Libtech Codified Into Sanctions Regime Exemptions

Colleagues, Today, the US Department of Treasury's Office of Foreign Assets Control is set to announce the lifting of sanctions of certain types of personal communications technologies, including reportedly for the first time commercial products such as mobile phones [1]. In a less noticed move,

[liberationtech] Important Iranian Filternet Changes

Readers of Libtech may be interested in the changes to the filtering regime that were imposed a few hours ago. Currently traffic streams, at least unknown streams if not all, are being dropped after exactly sixty seconds, terminating the connection. It appears this is based on protocol rather than

Re: [liberationtech] Important Iranian Filternet Changes

On Sun, May 5, 2013 at 10:32 PM, Fabio Pietrosanti (naif) li...@infosecurity.ch wrote: What's about unknown UDP-based protocol (that are stateless, so not subject to TCP reset) ? Just to clarify, the disruption is inline dropping of traffic and not TCP reset; also, UDP transfer with netcat

[liberationtech] Kiobel Ruling on Alien Tort Statute and Censorship Tech

Libtech, Today the Supreme Court handed down a ruling that seriously limited the scope of the Alien Tort Statute on human rights cases. ATS was the grounds that Iranians attempted to sue Nokia Siemens Networks for their sale of lawful intercept, claims of liabilities for selling surveillance to

Re: [liberationtech] Why Bluecoat?

Quantitative data! https://www.google.com/finance/historical?cid=663863startdate=Jul+1%2C+2011enddate=Apr+10%2C+2012ei=p8NlUZinGurN0AH89gE On Wed, Apr 10, 2013 at 3:43 PM, The Doctor dr...@virtadpt.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/06/2013 12:14 PM, Kate Krauss

Re: [liberationtech] The Myopia of excluding censors: The tale of a self-defeating petition - Opinion - Al Jazeera English

Libtech, I appreciated the short articulation of this counterargument at the time of the petition being posted and this article summarizes it well. Firstly, unfortunately while Libtech has fostered an impression of being a private network, it has grown beyond that over the past three years, into

Re: [liberationtech] Cryptography super-group creates unbreakable encryption

Is there something I'm missing about ~selling~ dissidents solutions in Iran and NK? US Government have an exception for that? -Ali There is a Favorable Licensing Policy for Iran on Internet Freedom that specifically mentions Fee-Based Internet Communication Services, although since published in

Re: [liberationtech] Wickr app aims to safeguard online privacy

Seems rather reasonable, really. Hardly malware but hardly perfect. Perhaps I am missing something, but isn't the point of contention that Wickr and Silent Circle are promising trust in the destruction of messages on the receiver side, which as far as I am aware is an improbable claim? Again,

Re: [liberationtech] Latest article on silent circle

While we can debate the merits of Silent Circle as an application or a model, the article had a broader focus that should not be lost. Whether or not VoIP and other providers are the best actors, they are bound to abide by legal regimes that are not so privacy friendly. As the threat of a new

Re: [liberationtech] beta - TERC - iphone blur/secure-cam

Sam, Congratulations on the application; clearly there is a need for a competitive field of such applications, however, I am a bit concerned about the lack of documentation. The estimated 26 days until the launch of Secure Journalist is a bit of a long wait. In the interim, is there some material

Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES

Joe, My experience has been that when a general letter is written with no particular recipient, it ends up being received and acted on by *no one*. Skype represents such a significant portion of the concern, even measured based on traffic to this list, that it warrants direct questions and

Re: [liberationtech] Nokia's MITM on HTTPS traffic

The words Nokia and MITM are bound to attract attention. There is a substantive difference between this and CarrierIQ situation; the matter in question is a common, although older, trend that is certainly not limited to the browsers in question. Pages are rendered by a third party for a number of

Re: [liberationtech] New report on Internet Censorship and Surveillance in Turkmenistan

from some sources of funding, and if we are successful, we will be making a broader announcement about this initiative shortly. Rafal Sent by PsiPhone mobile. Please excuse typos or other oddities. On 2013-01-05, at 5:58 PM, Collin Anderson col...@averysmallbird.com wrote: In the case

Re: [liberationtech] New report on Internet Censorship and Surveillance in Turkmenistan

In the case of SORM-II, it also has a very distinct signature which is visible if you are sitting in line with the system... Our intention with the testing platform is to contribute to the creation of censorship and surveillance Open Data... That's excellent to hear, does SecDev intend to

Re: [liberationtech] Another CA Compromise: TurkTrust

On Thu, Jan 3, 2013 at 5:26 PM, Ruben Bloemgarten ru...@abubble.nl wrote: you don´t know who I am, but only we know what we´re telling each other. So essentially you and Nadim are arguing that, since CAs fail some of the time, we should get rid of the whole system and end up in the same

[liberationtech] Legal Note: Information Wants to be Free (of Sanctions)

Colleagues, I don't think this legal note about the Berman Amendment and U.S. sanctions regarding social media received much attention, so it seemed useful to share here. While I remain skeptical about the likelihood that OFAC will begin to interpret *informational materials* exemptions in the

Re: [liberationtech] Iranian flagpoles for jamming?

I second Amin's suggestion on the Small Media report; this Fox News article is deeply misinformed. More than anything I am surprised that any media source is still citing Austin Heap as a credible source, however, the author's track record of stories seems to explain a lot. Unfortunately, with

Re: [liberationtech] CryptoParty in Tunis tomorrow (Saturday, 1st December)

and endorsement of this organization. NK On 2012-12-02, at 6:56 PM, Collin Anderson col...@averysmallbird.com wrote: Please elaborate on how requiring a real name endangered Tunisian activists. On Sunday, December 2, 2012, Nadim Kobeissi na...@nadim.cc wrote: If by fumble you mean

Re: [liberationtech] Syrian Internet Is Off The Air

There has been a great deal of research and reporting on the infrastructure of Syria's international Internet connectivity, particularly in terms of international politics. I think its important to underscore the point that the routing is failing with the Syrian Telecommunications Establishment,

[liberationtech] HP SEC Disclosure on Area SpA and ZTE

Libtech, The U.S. Securities and Exchange Commission posted the October 2012 response of HP to a request for information on exports to sanctioned countries -- worth the short read; within, the company discloses that its equipment was transshipped through partners, rather than direct sales, to the

Re: [liberationtech] SOPA Supporter Considered for Sec. of State

actually be an appropriate choice for Secretary of State, evaluating his merits should not be done in as shallow a manner as promoting the business interests of his district, Hollywood -- which is pretty appropriate for an agent model of representation. -- Collin Anderson Sent with Sparrow (http

Re: [liberationtech] SOPA Supporter Considered for Sec. of State

, Collin Anderson col...@averysmallbird.com (mailto:col...@averysmallbird.com) wrote: Howard Berman has had a long tenure in Congress that is worth a deeper evaluation than solely SOPA/ACTA, spanning legislation such as the Anti-Boycott Act, the infamous Berman Amendment (1988 Omnibus Trade

[liberationtech] Open Call on State Department's Definition of Sensitive Technologies

Colleagues, Under the latest Iran and Syria sanctions bill, which I have discussed on the list previously, there was a reporting requirement related to the definition of sensitive technologies. Yesterday State put forward such a definition and opened a call for comments, due in two months. It

Re: [liberationtech] New report about USIA

Now I'm curious what the right list was since USIA is interesting to me. On Friday, November 9, 2012, Jill Moss jm...@bbg.gov wrote: Sorry, posted this on the wrong listserv. Apologies. JILL From: liberationtech-boun...@lists.stanford.edu [mailto: liberationtech-boun...@lists.stanford.edu]

Re: [liberationtech] OkayFreedom

Eric, I think it is necessary to push back on the following statement as extensively as possible. But I’ve never heard of a case in which a user has been punished merely for cybercircumventing. I’d love to hear of such a situation. As Amin hints, there are strongly rooted concerns regarding

[liberationtech] An Eventful Few Weeks in Iran: DNS Tampering, Content-Type Filtering and SSL Blocking on Google

Libtech, I was made aware that dumping data onto Twitter and Pastebin is not always the most useful way of providing public documentation, so I have collected some recent developments into a blogpost. I wanted to share it here because there are more than a few lessons for privacy tool providers,

Re: [liberationtech] Iran blocks MP3, MP4, AVI and SWF files

What is particularly different in this case is that this filtering does not return a 403 Code or TCP RST -- when a GET request for a .mp3 file is sent, the connection is simply blocked. The server can send whatever it likes, but the client will not see anymore traffic after that. This is abnormal,

Re: [liberationtech] Iran blocks MP3, MP4, AVI and SWF files

on their free services now, man I don't know. On Sat, Oct 6, 2012 at 4:45 PM, Fabio Pietrosanti (naif) li...@infosecurity.ch wrote: On 10/6/12 10:36 PM, Collin Anderson wrote: File extension in URL requested, Content-Type or are they even finding their own Content-Type? You are correct

[liberationtech] The Hidden Internet of Iran: Private Address Allocations on a National Network

Libtech, I want to share a working paper of mine that was posted to arXiv last night. This is part of an ongoing effort to start producing verifiable dataset on how Iran's Internet works, and was a surprising discovery that I wanted to share with everyone else -- in lead up to a broader output

Re: [liberationtech] Viber Security and Privacy

Thanks Katrin and Talmon, Voice may or may not pass through our servers (depending on network conditions). Voice is scrambled, but not encrypted. So someone who manages to capture the voice packets going between users may, in theory be able to access the audio. They will need a good

Re: [liberationtech] FinFisher is now controlled by UK export controls

Eric, Thank you for the clarification, I think it is important to point people to the standing regulations that matter most, Wassenaar Category 5 Part 2, and the exemption for FOSS in the control list (which, again, exists for BIS as §740.13). It seems clear from the government's response that

Re: [liberationtech] What I've learned from Cryptocat

Do activists seriously diverge from general browser usage statistics? Oh hey -- at last, quantifiable question that would lend itself to a solid research paper. Let's gather aggregate analytics data from activist sites and compare to the norm. I think I can help on this... On Friday, August 10,

Re: [liberationtech] Internet/IB Mandates in the Iran Threat Reduction and Syria Human Rights Act of 2012

towards Syria? Or am I mistaken and those roadblocks have been already overcome? I am genuinely not up to date on what the sanctions on Syria entail at this point in time. -Andrew On Jul 30, 2012, at 10:46 PM, Collin Anderson wrote: Libtech, Foreign Policy released a copy

[liberationtech] Internet/IB Mandates in the Iran Threat Reduction and Syria Human Rights Act of 2012

Libtech, Foreign Policy released a copy of the compromise version of the upcoming Johnson/Ros-Lehtinen sanctions bill; expected to be legislatively passed in the next week. In true Congressional form, quite a portion of the mandates involve 'Internet Freedom' agenda items -- namely export

[liberationtech] Security Vulnerability in Pidgin-OTR (Please Upgrade)

Libtech, Please be aware of the announcement of a remotely exploitable vulnerability for the package 'pidgin-otr' -- the popular plugin that allows users of the Pidgin instant messaging client to conduct conversations off-the-record. This is pretty important as the software has been recommended