August 2019 Monthly Report

 
Thu, 2019-09-19 20:16

In August, the Open Technology Fund continued to both receive a large number of support requests and to support a diverse portfolio of Internet freedom projects and fellows addressing Internet censorship and surveillance threats in closed societies around the world. This month, the OTF team accepted concept notes for its September 1 round, receiving 170 applications in total. The OTF team also continued the review process for the Digital Integrity Fellowship Program (DIFP); of the 65 applications received, 13 have been invited to submit a full proposal. Also this month, OTF Principal Director Laura Cunningham authored a post on the USAGM blog on countering Internet censorship in China.

Notable Accomplishments

  • The Open Observatory of Network Interference (OONI) released a report on a new wave of online censorship in Ethiopia, finding that WhatsApp and Facebook were both blocked, as was the investigative news site African Arguments. The episode follows an alleged coup attempt in June 2019 and a separate blocking instance earlier in the month which coincided with the country’s national high school exams. OONI’s findings are bolstered by those from the Internet Outage Detection and Analysis (IODA), which detected an Internet blackout between 22nd June 2019 to 27th June 2019. Throughout August, OONI Probe was run 375,421 times from 5,272 different vantage points in 214 countries around the world. Also this month, local OONI partner IPYS Venezuela released a report documenting censorship events in the country during 2018 – compiled through the use of the OONI Probe app. The free press organization also held an OONI workshop for journalists in Venezuela.
  • Wireguard, a simple yet fast and modern VPN protocol, was integrated as a mainline feature in the macOS and Linux versions of the Mullvad VPN app. To use Wireguard in Mullvad, users simply check a box in the app’s settings. Integration for Mullvad’s Windows version is also planned for a later release.
  • Mailvelope, a browser extension that facilitates email encryption for users of browser based email, released Mailvelope version 4.0 which features new branding elements including a new logo, fonts, and customizable security background; an improved file encryption feature; and full support for Autocrypt, which aims to make key sharing an easier process for users. Mailvelope also underwent a security audit supported by Germany’s Federal Office for Information Security (BSI); all security issues identified were addressed by Mailvelope in July’s version 3.3.0 release.
  • The PyPI Improvements project released in beta new advanced audit log feature of user action. This will allow PyPI users to better ensure the security of their projects on the platform by compiling a log of sensitive actions, allowing users to check for signs of potential intrusion or other malicious behavior, for example. As the official software repository for the Python programming language, PyPI is a high value target for bad actors who want to inject malware into popular applications that run on Python – including many Internet freedom projects.
  • The Tibetan Computer Emergency Readiness Team, or TibCERT, published their first quarterly bulletin in both Tibetan and English, covering the project’s launch, targeted attacks and solutions, surveillance technologies used in Tibet and elsewhere in China, and TibCERT’s Apple Censorship Report, including solutions to circumventing Apple’s censorship of apps. The latter report has also been translated into Tibetan and published on the TibCERT blog.
  • ICFP Fellow Alexei Abrahams’ research on techniques to identify social media influencers and bots in the Gulf region (focusing on Twitter) was accepted for publication by two academic journals. Abrahams’ work was also cited extensively in a series of Al Jazeera articles on Twitter manipulation in the Gulf region: one on how bots have overrun the platform in the Middle East to manipulate discourse, and the other looking at how Twitter bots were employed to influence the spread of information following the murder of journalist Jamal Khashoggi.
  • In July, Apple released its latest transparency report, which for the first time included app takedown requests categorized by country, further highlighting how state-imposed censorship occurs at the app store level – something that the App Store Censorship project has worked to raise awareness of. In the report, Apple noted that they received 517 takedown requests in China, for example; however, tests conducted through the App Store Censorship’s tool have thus far discovered 1,174 apps that are unavailable in the China App Store. Apple’s report did not specify which apps were requested for takedown. If you’d like to test the availability of a certain app on the Apple app store in China or another country, try out the tool here: https://applecensorship.com. In addition, the project is currently working on implementing recommended changes to the tool’s User Interface and also added backend detection of apps that have changed status (either apps that used to be available becoming unavailable, or the other way around).
  • At the 2019 Chaos Communication Camp, Eileen Wagner of Usability Lab service provider Simply Secure presented a case study on their UX redesign of NoScript, a security-enhancing browser extension. The talk covered how essential design principles are applied to security tools as well as how Simply Secure applies their human-centered design process to such projects.

Projects Mentioned