February 2019 Monthly Report

Wed, 2019-03-20 16:56

In February, the Open Technology Fund continued to both receive a large number of support requests and to support a diverse portfolio of Internet freedom projects and fellows addressing Internet censorship and surveillance threats in closed societies around the world. This month, OTF accepted applications for its next cohort of Information Controls Fellowship Program (ICFP) fellows. OTF received 70 ICFP applications in total, with the review process for fellowship candidates currently underway. OTF is also now reviewing and responding to the 121 concept notes received for the March 1 round of the Internet Freedom Fund and Core Infrastructure Fund.

Notable accomplishments

  • BIND9 QNAME Minimization, a Core Infrastructure project focused on adding new security features to BIND, one of the most widely-used open source software applications for running a DNS resolver, released BIND 9.14.0, the first stable BIND release that has QNAME minimization turned on by default. This change reduces the amount of personal data that is passively leaked by Internet users, helping increase user privacy at an upstream level that requires on changes on the user’s part. BIND 9.14.0 was built and maintained openly by the Internet Systems Consortium (ISC) on GitLab. You can read more about BIND 9.14.0, QNAME minimization, and why it’s important for user privacy here on the ISC blog.
  • The Open Observatory of Network Interference (OONI) published a report confirming the blocking of several independent media websites in Cuba during the country’s constitutional referendum vote held on February 24th. Among the blocked sites were Tremenda Nota, which covers human rights issues like LGBTQI and women’s rights. OONI also found that Cuba’s sole ISP, ETECSA, has upgraded their censorship techniques by implementing IP-based blocking, enabling the blocking of HTTPS sites in addition to their HTTP versions. Additional details can be found in the full OONI report here. Earlier in the month, OONI also published a report documenting Internet censorship in Venezuela amid the country’s ongoing political crisis. OONI measurements, gathered thanks to on-the-ground testing by volunteers using the OONI Probe app, verified the blocking of Wikipedia, Instagram, Twitter, and YouTube. Noting the escalation in Venezuela’s censorship capabilities, OONI reports that “this is the first time we are seeing fast-paced, tactical changes to censorship by Venezuelan ISPs,” as the Venezuelan government utilizes more advanced censorship methods such as SNI-based filtering in addition to previously known tactics like DNS censorship.
  • The Fake Antenna Detection Project (FADe) continued initial work on their project seeking to implement the SeaGlass methodology to detect the use of IMSI catchers, which are commonly used to intercept cell phone signals and surveil calls, in Latin America, formalizing alliances with on-the-ground partner organizations, setting up measurement equipment in accordance with SeaGlass specifications, deploying sensors to test sites, and beginning field testing.
  • Decentralized peer-to-peer content delivery protocol NewNode completed work on a new version of the NewNode SDK implementing transport encryption, new peers specification, and the initial implementation of multiple LEDBAT (Low Extra Delay Background Transport) connections. NewNode is in active use and is currently deployed with two organizations in the field. In addition, NewNode successfully underwent a security audit conducted through OTF’s Red Team Lab.
  • Digital Integrity Fellowship Program (DIFP) fellow Iryna Chulivska did a series of interviews across Ukrainian media on various journalism and security topics, raising awareness on topics such as what digital security threats Ukraine can expect this year and how citizens of the occupied Crimea and Donbas regions can secure their data (link); how to communicate securely through messaging tools if you live in occupied Donbas (link); how human rights activists and journalists in Crimea can secure their data and communications (link); on securing your Facebook data (link); and how to secure your personal data, especially before elections (link).
  • IODA, an operational prototype system that monitors the Internet in near real-time to identify macroscopic Internet outages, published a screencast tutorial designed to guide users on how to use IODA’s Dashboard tool to track Internet disruptions around the world. Watch the video here.
  • Localization Lab published a newsletter reviewing the Lab’s work in 2018, highlighting localization sprints held during the year to translate projects such as Tails, Orbot, GlobaLeaks, SecureDrop, Psiphon, and Tor into new languages. Over the course of the year, Localization Lab managed volunteer translation services for 80+ projects from over 7,000 volunteer contributors, with support for over 200 languages enabling the translation of more than 2.5 million words. You can read more about what Localization Lab accomplished during its fifth year of operations here.
  • Usability Lab service provider Ura Design continued conducting usability testing for a feature in the decentralized messaging tools Briar that allows users to add contacts remotely; began work on updating the “Preferences” interface in Thunderbird, a popular free and open source email client – implementing upgrades identified by Ura in a previously conducted usability assessment; and is also working with OpenArchive to improve the branding and visual identity of their “Save” app.
  • WireGuard, a simple yet fast and modern VPN, is now under contract with OTF. WireGuard improves upon existing VPNs with a protocol that is simultaneously lightweight, easy-to-use, and more secure than existing VPN solutions. Through OTF support, WireGuard will undergo numerous improvements and focus on increasing adoption.

Projects Mentioned