In April, the Open Technology Fund continued to both receive a large number of support requests and to support a diverse portfolio of internet freedom projects and fellows addressing internet censorship and surveillance threats in closed societies around the world where the free flow of information is curtailed. During the past month, we continued reviewing and responding to the more than 130 concept notes received during the March 1 round. Additionally, with the May 1 round deadline now closed, we’ve begun reviewing and responding to the additional 135 concept notes received for that round. This month, we also provided an update on the status of our funding for fiscal year 2018, which you can read about here.
Decentralized, encrypted messaging tool Briar announced the first stable release of the app - version 1.0 for Android. It is available for download via Google Play and F-Droid here. Further improvements to the platform are already underway, with Briar also announcing plans to implement additional usability improvements including improved battery life, offline message sending, and image sending capabilities.
OTF supported a security audit of the ‘Jingwang’ app, a state -run surveillance tool whose use by Uyghur residents in the Xinjiang Uyghur Autonomous Region (XUAR) is mandated by the Chinese government. The audit found that the app fails to utilize even basic security measures while scanning users’ devices for thousands of files deemed “dangerous” by the state. The lack of security - combined with the app’s broad scope - only further harm those required to use it. Read more about the report in this OTF blog post (Chinese) or this Motherboard article.
Derecho Digitales published the first version of a new Tor usability guide geared towards Spanish-speaking communities. The guide includes term translations and explanations, different types of Tor nodes, and how to go about setting up a Tor relay. You can access the guide here. Additionally, Derecho Digitales published a regional Tor relay monitoring site for South America to enable better monitoring of Tor relay performance and user participation in the region. You can access that site here.
The Open Observatory of Network Interference (OONI) published a report on Internet disruptions in Sierra Leone during the period around the country’s runoff presidential election. OONI’s testing found evidence of two network disruptions which occurred before and after the election; one seemingly caused by an ACE submarine cable being cut, and the latter showing signs of possibly being an intentionally implemented shutdown. Read the full OONI Sierra Leone report here.
Adversary Lab completed their OTF-supported work building a tool capable of testing the efficacy of certain circumvention tools - namely, pluggable transports. By analyzing captured network traffic, circumvention tool makers can better test how effective their tool will work against the blocking mechanisms employed by repressive censors. The Adversary Lab is now more user friendly, comes with more performance capabilities built in and is open source and freely available to all. The source code for the new Adversary Lab version (1.1.0) is available via GitHub here.
Several new projects are now under contract with OTF, including Securing Domain Validation (aiming to better secure Internet domain validation through certificate authorities against Border Gateway Protocol [BGP] hijack and interception attacks)1, Sub-Saharan Africa Cyber Threat Modeling (detecting and analyzing threats to Internet freedom in Ethiopia, Rwanda, Nigeria, Kenya, Cameroon, Zimbabwe and South Sudan around election periods), and OpenArchive (a secure open source media archiving ecosystem by and for human rights defenders and vulnerable documentarians to preserve materials otherwise censored and deleted by repressive actors).
ICFP fellow Claudio Agosti completed work on his fellowship, which advanced understanding around how advertising networks are exploited by malicious actors to serve a malicious script or inject malware. The project investigated numerous methods and environments while creating open tools to encourage further exploration. Agosti’s host organization, Coding Rights, provided assistance with engaging targeted communities and in promoting awareness of the risks highlighted through this fellowship. The final documentation and research findings were publicly released and are available here.
Select news collected by OTF from the month of April 2018 - Get the full feed live @OpenTechFund or sign up to receive our daily newsletter.
A Google update just created a big problem for anti-censorship tools | The Verge
Iran’s judiciary bans use of Telegram messaging app | Reuters
Tanzania’s bloggers face hefty fees for right to post online | Financial Times
China’s Xi says internet control key to stability | Reuters
Russia’s Telegram block sweeps up millions of IP addresses, other services | Meduza
Egypt to punish ISP’s refraining from blocking mandated websites | Egypt Independent
Uganda to tax social media to stop gossip on social media | Quartz
Iran pushes app with ‘Death to America’ emoji | BBC
China removes four news apps from smartphone stores to tighten control | South China Morning Post
A recent example of the relevance of this project is seen in this recently reported security incident in which attackers hijacked Amazon traffic: “BGP still largely relies on the Internet-equivalent of word of mouth from participants who are presumed to be trustworthy. Organizations such as Amazon whose traffic is hijacked currently have no effective technical means to prevent such attacks.” Ars Technica ↩︎
- Program Update
- Sub-Saharan Africa Cyber Threat Modeling
- Securing Domain Validation
- Adversary Lab
- OONI : Open Observatory of Network Interference
- Derechos Digitales