January 2020 Monthly Report

Tue, 2020-02-25 19:49

In January, OTF continued reviewing and responding to the 95 concept notes submitted during the January 1 round for the Internet Freedom and Core Infrastructure Funds, while accepting concept notes for the upcoming March 1 round. In addition, OTF continued accepting applications for the next cohort of Information Controls Fellowship Program (ICFP) fellows; the deadline to apply was February 24, 2020, so OTF will now review the 40+ submitted applications. OTF also announced the current ICFP class; you can read about the nine fellows and their projects here. OTF also launched the new Technology at Scale Fund, which is the primary mechanism through which OTF will support proven, large-scale technologies to support the needs of USAGM broadcast networks, journalists, and their audiences. The first deadline for the Technology at Scale Fund is March 1, 2020.

Notable accomplishments

  • The Azerbaijan Internet Watch (AIW) project released a report produced in collaboration with Qurium on a targeted phishing campaign against Azerbaijani civil society members, including human rights activists, journalists, and researchers. Attackers used fake email addresses mimicking those of “prominent human rights defenders, journalists and members of the Council of Europe” in attempts to infect their devices with malware. By reverse engineering two of the phishing emails, Qurium found that one of the malware analyzed was capable of “collecting keystrokes, screenshots, and Wifi credentials from the victim’s computer,” while another could “could obtain remote access to the victim’s machine and hence, gain full control and access to its content.”
  • WireGuard, a more secure, resilient and fast VPN protocol, was merged into the code repository for Linux version 5.6, the next planned Linux release -a significant step in WireGuard’s development towards becoming a mainstream tool that can be adopted in a wide variety of use cases. This is important because Linux and Linux-based systems are nearly ubiquitous among modern computer systems; for example, the Android and ChromeOS operating systems are derived directly from the Linux kernel, many Internet of Things (IoT) devices run on Linux, and nearly all cloud infrastructure operates on Linux. As ZDNet reports, when Linux v5.6 is likely released in the spring, “…VPN developers will already have WireGuard-powered VPN programs and services ready for both VPN service providers and end-users…Tomorrow’s VPN, on Linux and everywhere else, will be based on WireGuard.”
  • The Open Observatory of Network Interference (OONI) has made improvements to their censorship testing tool OONI Probe allowing for OONI measurements to be published in near real-time. Now, any time someone uses OONI Probe to test for censorship or interference on their network, their test results are openly published within minutes on the OONI Explorer page. Also in January, OONI published two new resources: a Frequently Asked Questions (FAQ) list explaining all things OONI and a glossary containing definitions for technical terms relevant to using OONI. Throughout January, 8,142,429 OONI Probe measurements were collected from 5,307 networks in 206 countries around the world.
  • Netalitica completed phase one of their project focused on improving test lists used to monitor instances of Internet censorship worldwide. During phase one, Netalitica worked with researchers to update the list of potentially blocked websites used in twenty countries from across the Middle East, North Africa, eastern Europe, and Asia. This improves the data collected by research tools like OONI Probe, resulting in more accurate information about what sites are being censored and how. The methodology followed by Netalitica during the project can be found on their website under “Guideline for Test Lists Researchers.” In phase two, Netalitica will conduct a similar update process for the test lists used in 28 countries in Latin America, Asia, Africa and MENA. Netalitica is hiring researchers for the project; information can be found here.
  • The magma guide, a user-friendly research framework for individuals looking to analyze information controls through network measurements, was released in January. The guide is the first publicly available resource of its kind, offering guidance around how new information controls researchers can better structure their activity plans, make informed tool choices (taking into account ethical and security aspects), and properly analyze the resulting data, all in an accessible how-to format. You can read more about the guide in this blog post.
  • The FORT RPKI Validator project released the beta version of Monitoreo FORT, which aims to track routing incidents such as traffic hijacking or potentially malicious redirecting in Latin America and the Caribbean and provide open data on how protected the routing system is. The tool is meant to serve as a source of information for both non-technical audiences like decision makers and activists, as well as IT professionals in the LAC region. You can access the tracking tool here (Spanish only at present): https://monitor.fortproject.net/. In addition, the project recently released a report (pdf) on routing security and Internet freedom in the LAC region, providing information on how routing security impacts end users and ways it can be improved. The report provides an extensive catalog of data from incidents occurring between 2017-2019, shedding insight into how routing security has evolved during this time both in the region and globally. You can read more, including the report’s recommendations on how to improve routing security, in the full report here: Routing Security in Latin America and the Caribbean (pdf).
  • Secure UX Design Method is now working on an OTF-supported project, aiming to create an actionable, modular, educational guide for those who need to implement human rights centered design into their workflows and practices. These design methodologies combine human-centered design with human rights policy. The project is a way to help front-line human rights defenders respond to global Internet censorship, bias in technology, online harassment, and adversarial state actors engaging in cyberwarfare, for example. The project is currently interviewing experts from the fields of research, privacy, usability, technological development, program management, and security training; if you are interested in participating, you can learn more on the project’s website.

Select news collected by OTF from the month of January 2020 – Get the full feed by signing up to receive the OTF newsletter or follow on Twitter @opentechfund.

Op-Ed: China media censorship making Wuhan coronavirus more lethal | Los Angeles Times
Coming soon – the smartphone that promotes ‘Russian values’ | Reuters
Social Media is Still Banned in Kashmir, But VPNs Come to the Rescue | VICE
Research: Stopping the Press: New York Times Journalist Targeted by Saudi-linked Pegasus Spyware Operator | Citizen Lab
Apple removed 805 apps in China from 2018 to 2019 | Abacus
Bangladesh: Online Surveillance, Control | Human Rights Watch
Chinese man arrested after making $1.6 million from selling VPN services | ZDNet
Turkey Restores Wikipedia After More Than 2-Year Ban | New York Times

Projects Mentioned