We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

OONI: Let's Fight Internet Censorship, Together!

00:00

Formal Metadata

Title
OONI: Let's Fight Internet Censorship, Together!
Subtitle
The Open Observatory of Network Interference
Title of Series
Number of Parts
167
Author
License
CC Attribution 4.0 International:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
How can we take a stand against the increasing shadow of Internet censorship? With OONI Probe you can join us in uncovering evidence of network interference!
Keywords
7
Thumbnail
30:34
12
Thumbnail
55:26
43
61
Thumbnail
1:05:55
78
Thumbnail
1:01:42
83
92
Thumbnail
33:27
110
Thumbnail
31:25
141
Thumbnail
31:11
147
Thumbnail
31:30
InternetworkingMereologyAssociative propertyInheritance (object-oriented programming)QuicksortProjective planeVideo gameWebsiteEvent horizonOffice suiteRoundness (object)Software developerComputer animationJSONXMLUML
InternetworkingSoftwareOpen setInternetworkingVideoconferencingConnected spaceForcing (mathematics)Physical lawQuicksortOpen setOrder (biology)MeasurementStaff (military)Metric systemSystem administratorArithmetic meanForm (programming)Scripting languageWebsiteResultantTerm (mathematics)Operator (mathematics)10 (number)Different (Kate Ryan album)Projective planePerspective (visual)Sampling (statistics)View (database)Right angleSoftwarePresentation of a groupPower (physics)WeightDigital mediaInternet der DingeField (computer science)Internet service providerFrequencyState of matterMultiplication signCASE <Informatik>Traffic reporting8 (number)Validity (statistics)Latent heatWeb serviceMixed realityTheoryFile formatObservational studyPoint (geometry)LengthConsistencyChainMusical ensembleBounded variationCategory of beingRevision controlThermal expansionOpen sourceLevel (video gaming)Finite differenceContext awarenessImplementationAuthorizationSystem callContent (media)Self-organizationUniformer RaumFront and back endsXMLUMLComputer animation
Public domainSynchronizationMeasurementLibrary (computing)Computer networkSoftwareSoftware testingWebsiteQuicksortClient (computing)Fraction (mathematics)InternetworkingSoftwarePublic domainCASE <Informatik>Form (programming)ImplementationConnected spaceUniform resource locatorPower (physics)BitIndependence (probability theory)Category of beingMeasurementMultiplication signoutputProcess (computing)Windows RegistryInformationLibrary (computing)Software development kitLatent heatMobile appMedical imagingComponent-based software engineeringOpen sourceSoftware testingTraffic reportingNumberWeb 2.0Projective planeSound effectEvoluteSeries (mathematics)Web pageCharacteristic polynomialProper mapDifferent (Kate Ryan album)FacebookResultantObject (grammar)Computer-assisted translationInferenceWindowPhysical systemEntire functionMetric systemArtificial lifeBlock (periodic table)Total S.A.State of matterSet (mathematics)Observational studyTheoryCuboidProxy serverEngineering physicsComputer animation
Uniform resource locatorSoftware testingLine (geometry)EmailInternetworkingClient (computing)Web 2.0Group actionWebsiteUser interfaceMobile appSubsetQuicksortSoftware testingElectronic mailing listLink (knot theory)Open setRight angleUniform resource locatorJSONXMLProgram flowchart
Uniform resource locatorSoftware testingFormal verificationEvent horizonGUI widgetInternetworkingSoftware testingUniformer RaumCartesian coordinate systemObservational studyInternetworkingComputer animationJSONXMLProgram flowchart
Open setFormal verificationEvent horizonInternetworkingGUI widgetElectronic mailing listObservational studyInternetworkingLevel (video gaming)WeightSoftware developerMeasurementTraffic reportingQuicksortVideoconferencingComputer animationXML
Spring (hydrology)Computer animation
VideoconferencingInternetworkingTraffic reportingLink (knot theory)Computer animation
Kerr-LösungCartesian closed categoryType theoryInternetworkingBitSpring (hydrology)Infinity
InternetworkingMultiplication signOffice suiteSpacetimeMeeting/Interview
Sigma-algebraInternetworkingQuicksortFamilyTelecommunicationCellular automatonPlastikkarteComputer animation
InternetworkingPlastikkartePoint (geometry)Extension (kinesiology)WebsiteMeasurementSoftwareSoftware testingVariety (linguistics)WeightSoftwareMeeting/Interview
VideoconferencingComputer fontSolid geometryAbsolute valueMach's principleWebsiteExpert systemMeasurementElectronic mailing listSoftware testingBlogRight angleProxy serverSoftware
WebsiteHost Identity ProtocolConnectivity (graph theory)Dependent and independent variablesMeasurementRevision controlKey (cryptography)SoftwareWebsiteMeasurementConnected spaceBlock (periodic table)Web pageJSONXML
GoogolOpen sourceInterior (topology)Server (computing)Connected spaceWebsiteRevision controlInformationBlock (periodic table)In-System-ProgrammierungWeb pageArithmetic mean
HyperlinkLink (knot theory)WindowOpen setFunction (mathematics)Set (mathematics)EmailInternetworkingBlock (periodic table)Task (computing)Web pageServer (computing)Group actionPoint (geometry)Software testingSoftware developerSource codeXML
VarianceInternetworkingGame controllerInformationUniverse (mathematics)Electronic mailing listSoftwareRoundness (object)Perfect groupAnalytic continuationJSONXML
Transcript: English(auto-generated)
Welcome everybody to our next talk, Ooni, let's fight internet censorship together.
When you think about internet censorship, I guess that a lot of people would just have an association with countries like China or Iran or Saudi Arabia, but not a lot of people are aware that filtering and blocking of websites and internet censorship also takes place in almost all the other countries around the world, and this talk will educate
you about this. Our speaker is Arturo Felastro, he is the founder and developer of Ooni, and he will tell you more about this super interesting project of his in this talk, please give him a warm round of applause. Thank you Miriam.
Hi, I guess I would like to start with thanking you and sort of expressing how much this is an honor for me to present this project in front of an audience like CCC. I've been coming to these events since I was just over 18 years of age, and so I
think this project and also a large part of my adult life is also due to the encounters and the things I have learned at events like this. And so to get right into it, I think the first thing that we should start with when talking
about a project like Ooni is understand what we are talking about, so to frame what we mean when we say internet censorship, because these, there is some video connection, okay,
so what is internet censorship? Within the context of Ooni, when we talk about internet censorship, what we mean is some form of network interference that comes with intent to disrupt or distort the reality
of the internet from the perspective of a country or a network. So it means that it requires intent from the sensor to create this altered view of
what is the internet. Another term that we use to define internet censorship is a filter net, and what we will see during the course of this presentation is that there are in fact many filter nets around the world, and that depending on which country you are in, and depending on the regime or the ideology
of those in power, different views of what is acceptable and not acceptable to be done on the internet are enforced. And so Ooni, or the open observatory of network interference, is this network measurement
project that was started back in 2012, and it's a community-led project that's composed of a network of volunteers that install the software and collect evidence of internet
censorship around the world. Since until today, we have gathered measurements from over 200 countries, and we have measurements coming in from tens of thousands of different networks every month.
But the sort of founding principles around Ooni and the reason why we decided to work on this project is that we want to sort of bring to the field of network measurement, and in particular, the field of network measurement applied to detecting network interference
and or internet censorship, the principles of openness and transparency. So Ooni is open methodologies, which means that all of the tools and techniques that we use in order to examine internet censorship are openly documented and specified, sort
of like in RFC format, and these allow people to validate that what we are claiming to do is actually reasonable and fair. The methodologies that we specify are then implemented using open source software, so
you can verify that what we define in the specification is in fact consistent with what is implemented, and all the data that is collected by the thousands and tens of thousands and hundreds of thousands of volunteers around the world are made available openly
as open data, so anybody can use this data for their own purpose, and sort of from the beginning to the end of the chain, validate that what we are doing is in fact correct and reasonable, and hopefully, by doing all of this, we will reach at some point
a stage in which we can say that what we are doing is in fact reproducible research so that every step from the definition of what you do to the implementation to the publication of the data is entirely reproducible.
All of our tooling, like all of our backend infrastructure, even our sysadmin scripts are made available openly so anybody can set up their own Ooni if they wish. But before going more into what Ooni is, I would like to give you a taste of what
is possible with this sort of research, as in what are the sorts of things that can be discovered by collecting network measurements around the world? And these are obviously just some small samples. You can learn more about each of these cases by reading our full-length reports,
but this is sort of more to show you what is the kind of impact that a tool like Ooni probe can have in the world. So the first case I would like to talk to you about is one that maybe you have heard in the news, or maybe not, because it was not covered as well, and it's around
the protests in Ethiopia in December of last year, 2016. These protests sparked in a particular region of Ethiopia called the Oromo region, and they were around some conflict related to the expansion of a certain city, of the borders
of the city of Elisabada that would, in a way, sort of basically kick people out of their homes because they would suddenly have a big house, like a big city where they live. And so this led to some very serious protests that were very violent, and the police was
also very brutal to the protesters, and it led to many deaths. And as a result of these protests, also some network interference was done, so in order
to stop the protesters from communicating and organising, WhatsApp was blocked, so the protesters could no longer coordinate or organise themselves, and with UNI, we gathered evidence of this so we could prove in an undeniable way that WhatsApp was blocked, that deep
packet inspection technology was being used, and we were also able to understand precisely how it was working, that allowed us even to give some advice of what some site operators could do to even circumvent it in some way. And many websites, from media outlets, human rights websites, and obviously political opposition
websites were found to be blocked during this period. Following this, in Ethiopia, the state of emergency was declared, starting from October 8th, 2016, just until a couple of some months ago, August 2017, so lasting 10 months.
But what is interesting from this sort of case is that what we found evidence of is actually blocking and censorship being implemented before the state of emergency, which in theory was something that was not supposed to be allowed.
And together with Amnesty International, we published a research report outlining our findings, and sort of providing evidence that this was something that was in fact happening, and was clearly not something that a clear human rights violation.
Another interesting case that we worked on together with our partner, our Malaysian partner, Senor Project, was published in May 2017, and it was sort of a study of internet
censorship in Indonesia. We found that many sites of various categories were blocked, but I think one of the most interesting things from this particular report was the fact that we collected measurements
from around 60 different networks, and based on these, we were able to see that there was actually very much some difference between the different operators in terms of what was being blocked and what was not being blocked. So as an example, Vimeo and Reddit were found to be blocked on certain internet service
providers in Indonesia, although the ban for blocking such websites was supposedly lifted two years ago. And this stems, I guess, from the fact that the Indonesian legislation states that internet
service providers are granted the authority to inhibit or block content that is considered negative content, and they are left on their own to make this judgment call of what constitutes negative content. And as a result, you see quite some variation in terms of which sites are blocked and which
are not blocked. And this is why it's important, even in places where you may say you know that censorship is happening, yes, you may know that censorship is happening, but you don't necessarily know what the censorship of your neighbour looks like, even if they live in the same country.
Another very interesting report that I think we could spend an entire one-hour talk just discussing about this particular country was published in September 2017, and it was on
the country of Iran. And there we found an astounding number of websites to be blocked. I think, in total, we counted 1,020 URLs blocked, ranging from all sorts of various
different categories, and without going too much in-depth into this, what I should say on Iran is that it's definitely one of the countries that has the most state-of-the-art internet censorship apparatuses, and they implement the most sort of advanced forms of
internet censorship, and two interesting aspects that are unique to this country, I think, are one, that the censorship that they implement is done in a, let's say, non-deterministic fashion.
What this means is that you will visit a website, and it's not that every connection to that website will be terminated immediately, or every time you visit it. They will just selectively drop some packets, every certain number of requests, leading the user to think in some cases that the website is not in fact blocked, but is just
unreliable, or not functioning properly. The other aspect that we found that was quite interesting is given the fact that we analysed the corpus of data dating back to 2014, we were also able to track the evolution of censorship over the course of these years, and one of the things that we found was
that certain websites, such as Instagram, that previously they were blocking only specific posts, so specific images or specific pages on the site that were deemed sort of unacceptable or against the, you know, the morale of the majority, but as
Instagram rolled out HTTPS on all of their websites, the Iranian government was put in a situation where they either blocked all the website, or they could not block the specific pages, and so, I mean, I guess this is more something to reflect upon of
how sometimes something that you take as just a positive thing, and it clearly is a positive thing to have websites implement HTTPS and have secure connections to them, but it does also lead sometimes to some effects that are not expected, maybe, and this is
an example of it, so now Instagram is entirely blocked in certain networks in Iran. Another case that probably you have heard about happened in Spain just a couple of months
ago, and it was around the Catalonia independence referendum, and there was some movement to do a referendum to claim independence from Spain for the Spanish region Catalonia,
and, as a result of this, the Spanish government decided that one way to sort of create an obstacle for the success of this movement was that of implementing censorship and blocking
websites. I think the reason why this is something important to talk about here in Europe is that we should not forget that these things also happen in our home, and that oftentimes when we talk or think about internet censorship, we think as it is something that happens only over there, but, in fact, many countries in Europe implement
censorship for gambling or other reasons, and it's kind of a slippery slope, because once you have the infrastructure in place that can be used to implement internet censorship, those in power can possibly abuse it to, you know, do things that are clearly not acceptable,
and so during the Catalan referendum, 25 websites were blocked, the .cat registry was raided by the police, and they forced them to take down or block a series of .cat
domains that were hosting just information about the Catalonia independence referendum. So I hope this has given you an idea of what are the sort of things that can come out of running a software like UniProbe and collecting this sort of evidence.
So now what I would like to talk to you a bit about is the sort of ecosystem of uni software. So the various software components that make up UniProbe, and all of the things you see here are open source. You can, like, you know, git clone them and hack on them to
your pleasing. And the first thing that I will tell you a bit about is the sort of engine that UniProbe, the client that we use to run the network experiments, is based
on, and it's called Measurement Kit. This is a C++ library that we use to implement all of our network measurement experiments, and it currently supports Android, iOS as our two primary targets, but it also works on any UNIX system, and we are in the process
of ensuring that it works properly on Windows as well. We have JNI and Node.js bindings, so you can include this library inside of a project of yours where you need to do some particular experiments that involve measuring networks.
As I said, the tool that we use to collect network measurement data is UniProbe. We have an Android and iOS app that you can download on your phone. It's also available
on AfDroid. We have Mac OS and Linux as well in the form of a web UI, but we are also working on a more fully-featured proper desktop client that will support also Windows as well as Mac and Linux. And the sort of tests that we do, as I guess
someone understood from the case studies, are mainly around these sorts of categories. So we have tests that examine web censorship, so whether or not a particular website is
blocked or is not blocked. We check to see if instant messaging apps like Facebook Messenger, Telegram, WhatsApp, et cetera, work or do not work. We have a series of tests for censorship circumvention tools like Tor, VPN, Lantern, Siphon, et cetera.
Then we have some tests that are more trying to understand certain characteristics about your network, so whether or not a middle box, so something like a transparent HTTP proxy, or something that is intercepting your connections and forwarding on them for you is present on your network. And more recently, we've started to have also tests
for examining speed and performance. This is how our mobile app looks like. You can run it on your phone, and check to see what is blocked or not blocked on your network, and by doing so, you're contributing to our global understanding of internet censorship
around the world. This is our desktop client that, as I was saying, is a web user interface, and this is another interesting thing that we have recently launched, which is sort of a way for you to also engage other people to monitor or stand up against
internet censorship for the things that you care about. So, with Unirun, what you can do is you can add a list of URLs that you want to monitor, so, for example, let's
say animal rights activist group in Germany wants to monitor some German websites. They will create an Unirun link, and when people click on this, if they have the app installed, the app will open, and will offer to test the sites that they want to test. So, we obviously
also accept contributions for, or suggestions on what we should be testing, but you can also do this on your own with Unirun. As I was saying, all the data is available as open data, so you can access the uni API, visit the uni Explorer, and use the data
in your own studies to uncover evidence of internet censorship. So this is uni Explorer.
This is a global data map, and it shows all the measurements that we have. You can browse through it to understand what is blocked, and what measurements and what data is available in the various countries around the world. As I said, we also have an API that's more
oriented towards, let's say, developers or data scientists, so you can query this API and obtain the raw data, and all the research reports that we write are actually all based on the same data, so you can write your own research report on a country that you care about just by accessing our data, which is all as open as it can be. So, get out there
and use uni data to understand better what is happening in the countries that you care about. And to close, what I would like to leave you with is sort of another story,
I guess, about a trip that some of the uni team did to Cuba. And I have a video here that I will use to support the narration of the story in a way. And, yes, so, this
was in spring, 2017, and let's see if we can get this in here. So, this is the
video. So, without further ado, I will tell you the story of our trip to Cuba, and the data that you see here is, and the facts here are obviously during the trip. Some things have changed since we went there, but you can find more information inside
of our research report. Many of us take the internet for granted. Many of the things here at CCC would not be possible without it. But imagine living in a world where
access to the internet is not ubiquitous. That's the type of world most Cubans live in. This is a story of our spring, 2017, trip to Cuba, exploring its internet landscape.
Simone, Maria, Leonid, Joe, and all of the other Unitarians that are here, this would not be possible without them, so this is also for all of them. Most Cubans cannot access the internet from the comfort of their homes, rather they need to visit
designated public spaces that offer internet access. Welcome to Parknet. This park, along with many others across the country, serves as a public Wi-Fi hotspot. Such hotspots were set up two years ago in 2015 when the Cuban government provided public access to the internet for the first time. Most hotspots are located in parks, while others
are located in other public spaces like post offices and airports. In a way, Cubans don't access the internet, they visit it, and so it becomes a sort of collective experience. Especially at night, when the heat is more tolerable, dozens of Cubans gather in these hotspots to use the internet and to chat online with their friends and family.
To start browsing the net, you need to have an account issued by Etexa, Cuba's only telecommunications company. Etexa sells these cards at $1.5 for one hour of internet access. You can also purchase these accounts from resellers who lurk around in park nets, but they will
mark up the price to even $3 or $4 for only one hour of internet access. We are curious to explore whether and to what extent internet censorship was implemented in Cuba, and so we run our network measurement software called UniProbe, as well as a variety of
other network tests. Based on our measurements, we found 41 websites to be blocked. More might be blocked as we limit their testing to a list of sites created by country experts. Most of the sites that we found to be blocked include news outlets and blogs, as well as pro-democracy and human rights sites. Many of them seem to have one main thing
in common. Directly or indirectly, they express criticism towards the Cuban government. Other tools were found to be accessible across Cuba. Our software not only allowed us to confirm whether sites were blocked, but it also allowed us to collect network
measurement data that clearly shows how censorship is implemented. Etexa appears to be blocking sites through the use of technologies that resets connections or serves block pages instead of the intended web page. In many countries around the world, when a website is blocked, you know it, because it often looks something like this, or this. Block pages usually
include some information notifying you that the site is blocked and sometimes even include a reference to the legal justification, which means that it may not always be clear that the site is intentionally being blocked. Users might assume that it's a connectivity
issue rather than government-commissioned censorship. But Etexa isn't the only ISP in the world to serve blank block pages. You see this in many countries as well. Interestingly enough, we only found the HTTP version of the sites to be blocked, and the HTTPS is unblocked, meaning that people could circumvent it using HTTPS. However, many sites
that we found to be blocked do not support HTTPS. Chinese vendor Huawei appears to be supporting Kuber's internet infrastructure, and you don't even need to run any tests to find this out. The server header of the block pages, for example, points to
Huawei equipment. Even Etexa's captive portal itself seems to be written by Chinese developers, since they left over some comments in the source code of the captive portal page. Overall, internet censorship in Cuba does not appear to be particularly sophisticated. Given the high cost of the internet, rendering it inaccessible to most Cubans, perhaps the
government doesn't even need to invest in sophisticated internet censorship. But Cuba's internet landscape is changing, and so might internet censorship. That's why we think it's important to monitor networks continuously. Users in Cuba and around the world can run
uni-probe to shed light on information controls. Thank you.
I think I finished right on the dot, so I suspect that... Thank you very much. So everybody in the audience who now got curious about uni, maybe you want to consider if you want to contribute by running an uni-probe in your own country, or when you're on holidays in some interesting places. Just think about whether you would like to contribute and help uni out.
And we have an assembly in the CCL at the second floor, the Universe. If you have more questions about uni, you should come and join us upstairs, and we will be happy to answer any questions you may have. Exactly. Perfect. Check them out in their uni assembly. Please give another big round of applause to Arturo. Thank you very much.